Skip to main content

Security researchers have warned mobile phone users that fraudsters are using mobile phone identity numbers to commit complex banking frauds, The Inquirer reports.

Security firm Trusteer said it has found a number of phone infections that look to steal, or encourage users to give away, the 'international mobile equipment identity' (IMEI) number on their handsets.

Trusteer's researchers believe that malware writers are then using the stolen IMEI numbers to report handsets to mobile phone companies as stolen or missing - and getting a valid SIM card connected to the victim's bank account as a result.

By doing this, criminals could then get access to the original user's passwords and personal details, allowing them to make fraudulent banking transactions.

In the past, criminals have targeted mobile phones as a way to sidestep bank security measures on stolen bank accounts. Earlier this year, malware was discovered that attempted to store user account details as a way of blocking bank security measures.

Trusteer's director of product marketing, Oren Kedem, commented: "It is a commonly used authentication mechanism that is now becoming a common attack vector. By taking over the mobile phone you can circumvent these security controls that banks apply."

The news follows a new report from the National Fraud Authority (NFA), revealing that fraud costs the UK around £73 billion a year. Looking more closely, it's estimated that each UK adult aged over 16 is £1,441 a year worse off because of fraud.

Further reading:

Legal Information