Owners of Penningtons Tea and Coffee in Kendal hit by SIM card scam

Gina and Dave Pennington had finished a normal day at work on Tuesday and were just starting to relax when they received a text message from Lloyds bank telling them that a loan of £35,000 had been deposited into their bank account.

But they had not asked for a loan. 

"I felt a wave of sheer panic," Gina said. "We called Lloyds five minutes after the money was deposited and managed to get our accounts frozen." 

"It's very frightening to think they have access to something as personal as your bank, and that they're using your personal details against you. I'm very disturbed by how easy this was for them." 

The Penningtons said they were the victim of a scam called 'SIM Swapping.' A scammer can buy leaked personal details on the internet, call up the victim's phone company pretending they are them and ask them to port the phone number to their SIM.

Bank accounts and other personal online accounts are often verified through a phone number. This means that a scammer can then have access to the victim's money. 

"Anybody can get anybody's details on the internet," Gina said. "People coming into this shop have been saying 'oh God that is awful,' people have been really nice." 

Their lives have been made more difficult however by the fact that they can no longer use their phone. 

Once they told their phone provider they promptly blocked the SIM. This meant that they had to go through a working day without access to calls. 

The Penningtons were the victims of a 'SIM card scam'

When asked what their phone provider recommended to them, Gina said: "Set up a SIM PIN so that the SIM locks if someone enters the incorrect code more than three times, and set up 2-factor authentication (2FA) for your accounts."

This typically means receiving an SMS text with a code on it to input along with a password. However, for bank accounts, this may mean something stronger, like using a software token through a 2FA app or a card reader.