Can Anyone Give Any Advice Regarding Identity Theft?

Meho2026 on 30/07/2021 - 18:04
Last edited 30/07/2021 - 18:08

TLDR
Spouse nearly got scammed. Scammer has all personal details and license number and has started opening bank accounts using info. What do should we do to stop it?

Details:
My spouse received a call on their personal mobile from Afterpay. The caller ID was another mobile number.
The caller said their had been some fraudulent activity detected on the account and they asked for all the personal details to confirm identity.

Spouse is suspicious so refuses to give any info. The caller then states my spouses full name, including middle name, address and obviously knows phone number.

They then explain they are going to send them a verification code by sms. A code is received which my spouse gives to the caller.
Call ends and basically straightaway my spouse realises they have been scammed and the verification code was one to authorise a purchase.

They contact Afterpay who confirm a $900 purchase from the Good Guys. The Afterpay account is then disabled and Afterpay confirm the credit cards on the account. There's two cards on file and only one belongs to my spouse.

Obviously the Afterpay account got hacked somehow.

Incident reported to crimestoppers on the advice of Afterpay. Follow up call from local cop shop says watch out because there has been identity theft reports in our area from mail getting stolen.

We reported the transaction to the Good Guys with the order number afterpay had.

Today, about 2 weeks later, spouse receives a 86400 debit card in the mail. They havent opened an account.

86400 freeze account and report to fraud department. They confirm that a driver license or medicare card mustve been used to open account.
That means the scammer must have the license number or the Medicare number as well. You dont need the physical license to open an account, just the number and the cards have never been lost.
The email used was spouse full name @gmail.com

86400 advised reporting this to the police too, so thats now been added to the original report.

Now I'm thinking that because 86400 is just a visa debit account, there needs to be money in the account to make any purchase so the scammer probably wants a bank statement to start building 100 point ID. Thats my guess.

It seems a bit amateurish to open an account when you know a physical card will be delivered 5-7 days later potentially alerting the victim.

Service NSW confirmed that no one has attempted to change address on driver license but apparently theres no point in getting a replacement license because the license number will always be the same, only the card number will change.

We've filled out the request for help with IDcare.

Passwords have been changed in all other accounts.

Theres nothing of note in haveIbeenpwned.

We dont know how the Afterpay account got hacked or how they got the license number.

We're worried about identity theft, got any advice?

Financial

Comments

  • bdl on 30/07/2021 - 18:19
    +2

    Sorry to hear this :(

    Have all your credit cards, debit cards reissued.

    Register for ServiceNSW if you haven't already and set up 2fa - to stop scammer potentially setting it up with your spouse's details.

    Maybe reissue drivers licence anyway, with an updated photo so you can at least track the usage of the older photo/licence details.

    Reissue medicare card, only changes expiry date and card issue number, but at same time you can separate scammers usage from your spouse's legitimate usage.
    https://www.servicesaustralia.gov.au/individuals/services/me…

    Rotate all your online passwords again weekly, for at least a month or so.

    Good luck OP.

  • scrimshaw on 30/07/2021 - 18:23
    +5

    Moneysmart has a checklist of things to do when your ID is stolen

    https://moneysmart.gov.au/banking/identity-theft

    Other things that I think might be helpful is to also lockdown your social media pages — set everything to private, including Facebook, LinkedIn so as to remove any clues to things like Secret passphrases or Secret Questions

  • netjock on 30/07/2021 - 18:48
    +4

    Only thing I can think of is. If someone calls you, tell them you will call them right back on the number on number on the website (make sure you hang up properly then call the number on the real website, not the google ads). Whenever people want to call me to talk about financial details I am not interested, will call back. You can't be sure who it is.

    Drivers licence and medicare together would be part of your 100 pt check, your partner might need to look back on recently where they showed both documents or one document (especially drivers licence) which might narrow down where the leak came from.

    Best of luck. Pain in the bum these scammers.

    • [Deactivated] on 30/07/2021 - 19:16
      +2

      If someone calls you, ask for a reference number to get back to them quicker and tell them you will call them right back on the number on number on the website

      Added an extra point to save some time if it's a legit call.

  • trustnoone on 30/07/2021 - 20:10
    +1

    In addition to this, try to get regular credit checks throughout the next few years to ensure there isn't anything new created (and it doesn't impact you negatively). Also do not pay for anything if debt collectors come, apparently they'll try to ask you to "pay a bit to buy time and then you can deal with it later" which is a tactic to try to get you responsible for the debt.

  • Melb69 on 30/07/2021 - 21:53

    Was it a Citibank Credit card they used

    • Meho2026 on 31/07/2021 - 07:49

      No, BankWest credit card they've had for years

  • solidussnake on 31/07/2021 - 09:28

    That's why I never answer any mobile or land line numbers I haven't saved onto my phone first, I just let them ring out and if its important they always leave a message.

Login or Join to leave a comment
Login Join