A rather disturbing incident involving a stolen phone and credit cards and the ability of a fraudster/thief being able to reset a user’s password/pass-number for a high-street bank occurred in September involving a journalist called Charlotte Morgan. She described what happened to her (and it transpired others) when her phone and credit cards were stolen from a locker in her local gym.
The incident was covered by the BBC https://bbc.in/3Vm8ylH and https://bbc.in/3CukHMS and also in the papers.
The incident was described by the FT Adviser in two reports – firstly the incident, and then (belatedly) Santander’s response.
Charlotte chose to broadcast her experiences on twitter and got a range of helpful and supportive pieces of advice.
So we start with the first piece of advice – keep your phone and your credit cards separate. Don’t store/keep them in the same place. Maybe, if you follow the advice that follows later you should just keep the credit card details only on your phone and dispense with using plastic. For Apple that involves storing the card information in your Wallet.
And this is the security loophole that the thief was exploiting. The default setting when you get your new phone, and insert the SIM is to leave the SIM unlocked. This means that the SIM can be taken out of the phone with your network details (and more), and inserted into another phone. Not really what you want, is it? So, lock the SIM to your phone, and by doing that, if the SIM is taken out – it is of no use in another phone. You will need to remember the new PIN you create which you will have to supply when you power-up your phone, or when you change it for a new/replacement. This is obviously an important piece of information to remember!!! There is no way of recovering the SIM PIN if you forget it!!!
So what actually happened. This thread explains it well …
So what do you do? On an iPhone or Android …..
But what are the default SIM PINs that network operators use?
This link will be useful as it lists the default SIM PINs for the major network operators. These are the ones you need to change to your own personally chosen PIN.
It really is quite important. Change your SIM PIN and keep your credit cards separate from your phone.