Have you heard about the SIN scam? How about the SIM card scam? Are you having trouble keeping up with all the scams? Then you’re not alone.
A 23-year-old Cornwall, Ont., woman was in the news this week after she fell prey to the SIN scam, described as a new version of the tried and true CRA scam and currently the top identity fraud in Canada.
Julia-Shea Baker, a server, lost every penny she had – $4,000 in total – after getting a call from a con man who claimed to be an RCMP investigator. He used the name Steve Rogers – the alter ego of Captain America. He told Ms. Baker that her social insurance number had been compromised and that a car rented in her name was involved in a violent cocaine deal in Toronto. He gave a badge number, a case number and when he phoned a second time, the caller ID said Cornwall RCMP. But it was all fake.
Once he got her hooked, Rogers told Ms. Baker that the RCMP could arrange to get her a new SIN, but she had to protect her money by converting it to gift cards. It was a matter of some urgency.
For four and a half hours, the terrified woman drove around Cornwall buying up Google Play gift cards, with Rogers on the line “carefully taking note of the gift card numbers and codes,” as CBC reported. She didn’t realize she’d been conned until the next morning, when the grifter didn’t call back as promised with her new SIN.
What baffles people about these scams – which are always “on the rise” – is that the police seem powerless to prevent or prosecute them. In fact, in a story this week reported in the North Shore News, the victim himself was a West Vancouver police constable. This time it was the SIM card scam.
In this one, the crook calls the victim’s mobile phone provider, impersonates the victim and has his number switched to a new SIM card. At that point and with lightning speed, the thief can access the victim’s email and banking apps and reset passwords.
Const. Kevin Goodmurphy was at work when he checked his personal cellphone and saw a text message from his carrier. It advised him that his phone number was being transferred to another provider and that he should call immediately if he hadn’t requested the change. But it was too late. His service had already been disconnected and his bank accounts drained of tens of thousands of dollars in cash and credit. Because he acted quickly, he was able to freeze the transactions.
The WVPD is now warning the public to protect themselves by not sharing personal information like birthdays on social media, not answering phishing emails asking to confirm a password or update account information, using an offline password manager and asking their phone provider if extra security measures are available.
Summing up his own experience, Mr. Goodmurphy concluded: “Everybody is vulnerable.”
The SIM card scam is especially alarming because there was no confidence trick played on the victim – the mobile phone provider was taken in but it was Mr. Goodmurphy’s money that was almost stolen.
A recent Global News story on the SIM card scam quoted Ira Goldstein, COO of the cybersecurity firm Herjavec Group, who said he believes it’s up to wireless carriers that provide phone service “to ensure that the ecosystem is secure.” However, Mr. Goldstein is then paraphrased as saying that even if PIN numbers and security measures are used, human error and fraud will still occur: “He says the only real way to ensure security is through biometrics because a fraudster might be able to guess a password, but facial recognition and fingerprints are unique.”
So is that where this is going? Will the vulnerable public reach a stage where they willingly line up for voice, iris, retina, fingerprint or facial recognition? To take suspicion to its logical next step, could this proliferation of scams be a scam within a bigger scam?
While you ponder that admittedly paranoid flight of fancy, you’ll have to excuse us. The phone is ringing.