Woman charged £1400 for stolen mobile phone

Graham Cluley
Graham Cluley
@[email protected]

Woman with mobile phone
We’ve spoken before on this blog about how a lost mobile phone can mean also losing sensitive corporate data. We’ve even talked about how smartphones can be infected by malware, and turned into a revenue-generating botnet.

But here’s another way in which criminals can make money out of your mobile, with no hacking required.

28-year-old Kathryn Mills-Webb, a PR manager from Greenwich, London, has found herself in a fight with her mobile phone company after it tried to charge her £1400 for calls made on her mobile phone after it was stolen.

The spare phone was just one of more than a 100 items which were stolen from the house Kathryn shares with her husband Tom during a recent burglary. They hadn’t used it for months, and hadn’t noticed at first that it was missing at all.

Sign up to our free newsletter.
Security news, advice, and tips.

That didn’t stop the burglar, of course, making £1400 worth of calls to Colombia in just 72 hours!

Kathryn writes on her company’s blog:

Why doesn't T-Mobile (and the others) have the technology in place to prevent this sort of crime from the outset? While not compulsory, most banks have regular checking systems in place that alert them to any potentially fraudulent activity on the account) - surely this kind of technology could and should be easily transferred to check for unusual activity on mobiles too?

In fact, I'd argue that mobile operators have a similar duty of care to their customers. Just as banks can temporarily put a hold on credit and debit cards in the interests of fraud prevention, phone companies should automatically block the SIM card when the bill goes over a certain level or when the activity does not fit with general usage patterns.

I have to agree with Kathryn. This was an old mobile phone, that hadn’t been used for months. For it suddenly to make so many expensive calls to a country it had never contacted before should have set alarm bells ringing in the mobile phone company’s systems. After all, if my credit card was being charged in such an unorthodox fashion I would have expected my bank to put the brakes on.

Isn’t it time that mobile phone companies, who in Britain at least have never been slow to make a quick penny out of their users, took greater care of them? (And while they’re at it, they might want to get their own house in order regarding theft.)

In the meantime, my advice to anyone who has an old mobile phone lying around for occasional use is to switch it to a pay-as-you-go scheme – at least that will help limit the impact of a homesick Colombian burglar.

Kathryn is understandably miffed about being held responsible for the charges, and has set up a Facebook page calling on others to pressure T-Mobile (and other phone companies) into seeing sense.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.