I want to report a massive breach scammers were able to contact us via the official monzo mobile number. How is this even possible?
1 Like
Itâs not a breach. Itâs very easy to spoof.
3 Likes
Anyone can pretend to call from any number they like. Probably a tech savvy seven year old can do it even.
1 Like
Iâve had my number spoofed before, I had people calling me for 2 days saying âI have a miss call from youâ even though I never called anyone lol.
Your first kind of warning sign is Monzo contacting YOU when youâve not attempted to contact them, Monzo will never do that.
If they were trying to be helpful, again, Monzo donât do that either
4 Likes
As noted above, fraudsters can make it look like theyâre calling from the bank, and generally have information about you from many sources such as social media, purchasing goods and services from unusual places, public profiles on many platforms.
It would be good advice to change your passwords where possible, and be conscious of where you shop online or where you share even the small pieces of information (even on social media posts/groups).
3 Likes
In this case the number that was used was identical to the one used for previous correspondence with Monzo. It wasnât a madeup number that looked official - How would they even be able to create the impression that they are sending a message off of the legitimate monzo number? Just interested to know how they can spoof the official number?
Have a look at the links Carlo posted, theyâll explain it far better than I ever could.
4 Likes
Thereâs a million technical explanations a quick google away, but as above this is very common and easy to do unfortunately.
Monzo has this page so you can see if they are the ones on the phone to you or not
2 Likes
Very easily. Number spoofing is incredibly common, as the links shared above and a cursory Google search shows.
1 Like
Monzo has a mobile number?
I only see two numbers on the following page and neither are mobile numbers
VOIP services allow you to set your name to be anything.
Not sure if itâs still the case but it used to be that you could create a Skype account, set your name to be something like Monzo, and in caller ID youâd show as that since you donât have a phone number for the recipient to see.
I get number spoofing and how easy it is to do, however I was called out of the blue by âMonzoâ who told me they had just sent me a OTP to my phone number. It was spoofed so the text came fromâMonzoâ. I hung up. The concerning part is that when I spoke to Monzo over Monzo app chat, the support agent said âwe do have a record of sending you a text today, but not of a phone callâ. I received only one text from any number calling itself Monzo that day⊠They told me it was a phishing call. How though do real Monzo have a record of a text being sent to me that day if it was initiated by a scammer?
Because the scammers, while spoofing Monzoâs number, tried to make a transaction which triggered a genuine text.
Had you given the code to them they would have been able to authorise the transaction as if it was you.
1 Like
Thatâs how these authentication code scams work and is why they say to not even share them with the bank staff as theyâll never ask for it - someone triggers a code and tells you itâs the bank verifying your identity or something and that itâs safe to share with them even though it says not to, but really youâre giving them a code to approve a transaction or some other action.
1 Like
Could be the scammer has tried to compromise your account and knew enough details to get Monzo to send the OTP, and this part of the scam was them trying to get you to reveal the OTP to them so they could do whatever they were trying to do.
If I were you Iâd be checking credit reports to make sure thereâs no other strage things showing, and checking no other accounts like email have been compromised.
Might also be worth contacting your mobile supplier to check no-one has tried a SIM swap fraud on you.
1 Like
Thanks for your message, but thereâs no record of any attempted transaction on my account?
They might have been trying to set up Apple Pay as that requires an OTP to activate. They could then spend freely posing as you.
1 Like
Thank you. Iâm not familiar with SIM swaps so Iâll google these.
Doesnât Apple Pay set up require authorising through the Monzo app?