What is shoulder surfing? Warning issued about mobile phone fraud

Criminals are exploiting human behaviour to commit financial fraud. Here’s how to protect yourself against it
Shoulder surfing is a tactic criminals use to access personal information
Robin Worrall
Seren Morris22 May 2023

A UK fraud officer has issued a warning about “shoulder surfing,” a tactic thieves use to access victims’ financial information before stealing their phones.

Detective Superintendent John Roch, head of economic crime at the Metropolitan Police in London, told the BBC that criminals were exploiting human behaviour to commit fraud.

He said: “It’s only a phone... but if you take that out without the right precautions and protections around it, you are essentially walking around with a bag of cash.”

So what is shoulder surfing and what steps can you take to protect yourself?

What is shoulder surfing?

Shoulder surfing is where thieves look over the victims’ shoulders to see them enter financial information on their phone, such as their PIN or bank details. It typically happens in public, crowded areas.

They then steal the phone and access the victim’s banking apps to steal money.

Shoulder surfing can also involve a thief looking over a person’s shoulder when they’re using an ATM, to gain access to information such as their PIN, before stealing their card.

Thieves may also watch victims enter their card information when shopping online, or look for people entering passwords on various sites.

Experian warns that shoulder surfing can even happen from afar, with thieves using cameras or binoculars to watch victims enter key information.

What is the impact of shoulder surfing?

Once thieves have access to your financial information, such as passwords or PINs, they can gain access to your banking apps and transfer money.

They could use your personal information to apply for loans or credit cards, or even sell your personal data to other criminals.

How to avoid being a victim of shoulder surfing

Be aware of your surroundings when entering personal information in public. Make sure your back is against a wall and that nobody can see your phone or laptop screen. Take extra care when using an ATM.

Use biometric data such as facial ID or fingerprints to avoid having to enter passwords in public. Using contactless payments where possible means you avoid using your PIN in public.

Use different passwords and PINs. If you use the same password for everything, thieves will be able to gain access to more of your personal data by learning only one password.

Regularly check your bank statements to keep an eye out for any suspicious activity. The sooner you spot fraudulent activity, the sooner you can go to your bank for help to prevent further damage.

Create a FREE account to continue reading

eros

Registration is a free and easy way to support our journalism.

Join our community where you can: comment on stories; sign up to newsletters; enter competitions and access content on our app.

Your email address

Must be at least 6 characters, include an upper and lower case character and a number

You must be at least 18 years old to create an account

* Required fields

Already have an account? SIGN IN

By clicking Create Account you confirm that your data has been entered correctly and you have read and agree to our Terms of use , Cookie policy and Privacy policy .

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged in