Renters Warned of Increased Fraud Risk During Letting Checks

A concerning report from The Guardian this week has shed light on the vulnerabilities renters face during the property letting process, with a particular focus on the risks associated with letting agents’ identity checks. The alarming story of a London teacher, who fell victim to fraudsters after attempting to rent a property, underscores the potential dangers of sharing personal information.

The teacher, seeking anonymity, shared her harrowing experience of how criminals exploited her personal data, submitted to a letting agent, to hijack her mobile phone service and subsequently drain her bank account of £3,500. This method, involving the acquisition of a replacement SIM card to facilitate unauthorized bank withdrawals, represents a growing trend in cybercrime affecting unsuspecting renters.

Her ordeal began with a seemingly routine requirement to undergo financial checks by the letting agent, necessitated by her change in living circumstances. Using an online tenant referencing service recommended by the agent, she submitted a wide array of personal documents, including her passport and driving licence. Moreover, she was instructed to grant the service open access to her banking details via Open Banking—a decision that would lead to her financial loss.

The breach became apparent when, days after submitting her information, the teacher lost mobile service, mistakenly attributing it to a technical fault. Unbeknownst to her, fraudsters had commandeered her phone number by convincing her mobile provider, O2, to issue an e-SIM. With control over her phone, the criminals bypassed bank security, facilitating a substantial unauthorized bank transfer.

The teacher’s distress was compounded by a lack of immediate alerts from her bank, Barclays, and O2 regarding the suspicious activities on her accounts and phone service. It was only upon her inability to make a payment at a petrol station that she discovered the fraud.

After a tense period of uncertainty, Barclays refunded the stolen amount, acknowledging her victim status in a sophisticated scam. Reflecting on the incident, the teacher speculated that her vulnerability might have been exacerbated by the extensive personal data shared during the tenancy check, coupled with a lack of two-step verification on her email account, which could have provided an additional layer of security.

This incident has prompted warnings to prospective renters about the risks of sharing extensive personal information and the importance of employing robust security measures, such as two-step verification, to protect against identity theft and financial fraud. The case serves as a stark reminder of the sophisticated tactics employed by cybercriminals and the need for vigilance during the letting process.