Aldi Mobile SIM Swap Mobile phone hackers affect Sydney woman for four years
When Kristen, a Sydney woman, answered her phone in February 2018, she had no idea the five words she heard would completely destroy her life.
When Sydney’s wife, Kristen Eganleigh, received a seemingly innocent phone call, she never imagined it would turn her world upside down for the next four years.
It was February 2018 when Ms Eganleigh, in her 40s, received a call from an Australian mobile number.
In a voice she described as “really bubbly,” the caller said five simple words that sounded so innocuous: “Hey Kris, how are you?”
Ms Eganleigh instinctively replied, “I’m fine, how are you?”
Then the cut line.
Thinking the incident was bizarre and wondering who it could be, she got back to work. A few minutes later, his phone lost connection and went into “SOS only” mode, meaning he couldn’t send or receive texts or calls.
The photographer had fallen victim to an elaborate SIM swapping scam that, unbeknownst to her, had taken a year to prepare and would have repercussions for many years to come.
“I was a victim of this four years ago and still today I face the carnage,” she told news.com.au.
A SIM card swap hack occurs when a cybercriminal transfers – or redirects – the victim’s cell phone number to their own phone, allowing them to intercept text messages and reset passwords for things like bank accounts.
In Ms Eganleigh’s case, they were able to do this by impersonating her telecommunications provider, Aldi Mobile, and then convincing the company to replace her SIM card with an eSIM card.
Looking back, she remembers receiving many random messages from people who were supposed to be council employees in the year before the hack.
“Before that happened, for 12 months I got calls, people wanting my zip code, did a survey, ‘what street do you live on’, they kept building that image for 12 months , they looked like Aussie,” she said.
“They say they are doing a survey for NSW City Council; I never suspected.
This is where she thinks they managed to gather enough information about her to assume her identity with her cellphone carrier.
For most telecom providers, a password is not required to switch SIM cards – other information such as date of birth, name and address may be enough to convince them that you are a customer legitimate.
Ms Eganleigh believes the scammer – a woman with a broad Australian accent – was calling her one last time with the message “how are you” to see if the porting of the phone had worked.
Once they switched his SIM card to their phone, the hacker hacked into his bank account, including the credit card linked to his home loan account where his salary was deposited.
They racked up $7,500 in debt in his name through PayPal at online stores such as Myer and the Iconic.
The fraudster also tried to intercept his tax refund in July of the same year, worth several thousand dollars.
His email address and Apple account – which included his iCloud – were also stolen in the cyberattack.
Once they got hold of her email, Ms Eganleigh’s nightmare got even worse.
“They set up an answering machine for anyone who emailed me, it sent a virus, sent it to everyone,” she said.
On top of that, they “batch downloaded” her email, meaning that even after she signed them out of the account, they had all of her previous emails safely stored on their own device.
Systematically, they went through them one by one and “hit the jackpot,” she says.
For a previous job, Ms Eganleigh had sent a photo of her passport and driving license to the HR team.
She had never deleted the email and the hacker got hold of it.
With these official documents, the hacker was then able to set up accounts in Ms Eganleigh’s name, including a mobile phone plan, as part of a major identity theft scheme.
“It blows your brain; it really frustrates me,” she said.
“I even now have a lock on my tax file number so I have to contact the fraud department every time I want to do something with ATO to get a temporary bar lift.
“It’s driving me and the accountant crazy.”
The hacker is constantly changing the email attached to their main accounts even now, years later.
Once, out of frustration, she emailed the address they tried to list, telling them to “f**k off.”
Every few months they will try again.
“The police told me to leave the [phone] go number. I couldn’t because I had photographer clients,’ Ms Eganleigh said.
“I had to buy a new modem, I now have subscriptions to some password vaults, virus protection monitors it all the time, same with my laptop. I spent $1200 on a computer professional.
His partner at the time was also a victim of the security breach. They started getting random calls and lost money in mysterious transactions, which eventually led to them breaking up with her.
“It wasn’t exactly the best,” she said.
In 2020, two years after the initial cyberattack, the criminal even created a Deliveroo account for which she was charged.
Later that year, Ms Eganleigh also noticed strange charges on her credit card. When she was in Bondi, she reportedly spent $280 on a single purchase.
After checking the name of the store, she discovered that it did not exist. The hacker was tracking her in real time and so had hoped that she wouldn’t think anything of the outgoing transaction because she was in the same place she had been.
“There are a few hours a week that I spend checking my emails, verifying the legitimacy of things, it’s so time consuming,” she said.
“And it frustrates my job too, how much time I spend doing it.”
His contact details were also sold on the dark web.
Four years later, Ms Eganleigh’s details are still being shared online with other scammers.
“I get alerts, I have an online password manager that banks use. It allows me to monitor the web,” she said.
“I received a message two days ago saying that my name and email address have been sold on the dark web.”
She also has an alert system in place if someone tries to tamper with her credit report.
Speaking to news.com.au, she revealed that on the same day she had already been called by scammers from Turkey, Iran, New Zealand and California.
Ms Eganleigh said there was one thing “that kept bothering me”.
The scammers will call him on a number that is the same as his, but with a different digit.
“Because it’s familiar, they’re hoping I’ll pick up,” she said.
Ms Eganleigh got all her money back from the bank, but the culprit was never caught, allowing them to continue wreaking havoc on her life.
Do you have a similar story? Continue the conversation | alex.turner-cohen@news.com.au | @AlexTurnerCohen