|
|
|
|
|
|
by hestefisk
1371 days ago
|
|
|
DOB, name and address are typically enough details to commit severe identity theft, at least back in 2017 when it happened to me in Australia. Someone stole a letter from my insurer in my mailbox and used my name and address to impersonate me and obtain my DOB and email from my insurer. They then used these details to hijack my phone number (SIM porting) and obtain my bank account details. They ended up hacking into my online banking (because my bank used and still uses SMS based OTP, not a device key - St George Bank, I’m looking at you) and tried withdrawing thousands of dollars in cash from an atm using cardless withdrawal. They didn’t succeed because I was overseas at the time and the bank fraud monitoring picked it up on the spot and froze all my cards. Very scary indeed and firm proof that you can do a lot of damage with very little information about someone, at least in Australia. |
|
|
Sounds like the biggest fail was your insurer handing over those details based only on your name and address. How did that work? "Hi, I'm Dave Smith from 101 Easy Street South Sydney, can you tell me my DOB and email please?" Why would the insurer give a customer their own personal details? They are supposed to ask the caller to state those details in order to proceed with account access.