My Never-Ending Fight Against Thieves - Part 2
If you missed part 1, here's the "too long, didn't read" version so you can easily catch up on the story.
TL;DR of part 1:
I found out someone is calling companies from my phone number, trying to hack various accounts. They had control of my phone by getting into my cellular account and also hacked several of my emails. They hacked my Facebook, bank, Authy, PayPal, and quite a few other websites. Nothing was stolen from me yet, and after adding an extra layer of security and 100s of password changes, they seemed to have stopped trying. For now...
If you read part 1, start here:
Fast forward a little more than six months from the first fiasco. @sharingeverybite and I are sitting down for dinner at a local joint in Phoenix, Arizona. Mahi Mahi tacos and giant margaritas are what's on the menu for this Taco Tuesday.
T-mobile sends me a text saying here's the security code you requested, if you did not request it call this number. I'm eating dinner, so naturally, I did not request this code.
I'm a little embarrassed to say, if not for the previous incident in part one, I'm guessing I would've just brushed off this text message as probably no big deal, and gone about with my business. I would've thought meh, maybe I'll get around to calling later.
PRO TIP: If you ever get a text like this, drop what you're doing and do two things:
1.) First, make sure the number they asked you to call is legit, and the text is not a scam in itself.
2.) Call the number immediately.
I got up from the table and went outside to call that T-mobile number. After verifying my account, the person that answered said he just spoke to this thief who was trying to access my account. He said the individual couldn't get past the additional security questions (I added a few months back in part 1), got frustrated, and hung up. The code "I requested" was sent to me as another way the fraudster could verify his identity. I thought: Oh no, not this again! Well, at least my additional security that I added seems to be working.
I rested easy the next few nights, knowing my security efforts were paying off, but I shouldn't have been so confident...
A few days passed until I was at a friend's apartment for game night. Pulling my phone out, I noticed I didn't have service. I thought: It's probably just poor service here.
Later, when I got home, there was still no cell service. But, that's when I was able to connect to my Wi-Fi and received a number of notifications. I had several emails saying that my PayPal password had been changed, a few notifications of PayPal purchases that I didn't make, and an email saying an email address has been added to my account. I attempted to call PayPal, but it was after business hours; I'd have to deal with the issue the following day.
My phone stopped working and someone has stolen $100s out of my PayPal account, what is going on?!?
The following morning after waking up, my girlfriend asks me, "You didn't send me $200 through Venmo, did you?"
No, I did not!
Awesome. Now my phone doesn't work, my PayPal was hacked, and my Venmo was hacked.
Off to the T-mobile store I go:
Me: My phone stopped working last night, and I have a history of people hacking my account. I'd like to know if there's anything fishy going on.
Manager: Let me pull up your account. [...] So YOU didn't port your number out last night?!?
Me: Uh, what? No, I didn't. How can someone port my number without my permission?
As it turns out, it's easier to steal my phone number by porting it to another carrier than it is to get into my T-mobile account.
I don't know what exactly they are after, but they're going to be disappointed if they ever find it. It's only going to get harder for them because, with every hack, I add another brick to my security wall.
All photos are mine or are taken from Pexels and require no attribution.
This is a pretty common method of fraud called ATO -- account take over.
What happens is this:
The attacker gets some initial leverage. He probably either bought your email and password somewhere, or he bought your PayPal login and password somewhere (like slilpp) and it was the same as one of your emails.
Whatever he got, he used it to leverage all your emails. Then used your emails to leverage your account password resets.
The phone takeover trick is well known in fraud circles.
This method is minimally effective on someone like you, but if you and @sharingeverybyte were way older and less connected to the interwebs, they would have probably cleared all your bank accounts and maxed out all your credit cards by now.
Also, check the forwarding on all of your emails. Even if you changed the password, if he's already been monkeying around in your account settings, he might still be getting your emails.
Also, check your T-Mobile settings and make sure your texts aren't being forwarded. That's likely how he got the unlock code to port your number to a new carrier.
Thanks, that's really helpful. I'll check the email forwarding and T-mobile settings. I think they got into my primary email by going through my backup email, which was less secure and probably had a password which, at that time, was the same as another website.
I was planning to write about this in the next part, but as for porting my number to a new carrier, they need to know two things: My account number and the last 4 of my SSN. Apparently, number porting is federally regulated and they must have the same porting requirements for every user. For T-mobile, it's those two items. It is illegal for them to add any security measures to my account to prevent my number from being ported again. At least, that's what they told me.
I think it's "cutee" that this psycho thought he could get away with this! Yeah right.
P.S.
What kind of an idiot does this thief have to be to send funds to their victim's girlfriend?! lol 😂
I assume Shen had sent you money on Venmo before.
The thief was trying to establish himself with the app on his new device by first sending money to a known contact.
If you log in from a new device and immediately start sending money to people who you've never sent money to before, it's a red flag. So the thief logs on and starts by sending money to someone that's on the victim's contact list already.
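The red flag described in the comment above, written out as detection logic. This is an added example, not code from the post, its commenters or any payment provider. It compares a rule that looks only at "new device plus never-paid recipient" with one that also weighs the password change and added e-mail address reported in the post. The event fields, device labels, trusted-device set and 24-hour window are assumptions, and the log is constructed.

```python
from datetime import datetime, timedelta

# Constructed event log for one hypothetical account (not real data).
EVENTS = [
    {"ts": "2018-01-05T19:00", "type": "payment", "device": "phone-A", "to": "girlfriend"},
    {"ts": "2018-02-10T12:30", "type": "payment", "device": "phone-A", "to": "roommate"},
    {"ts": "2018-03-01T22:05", "type": "password_change", "device": "phone-X"},
    {"ts": "2018-03-01T22:07", "type": "email_added", "device": "phone-X"},
    {"ts": "2018-03-01T22:15", "type": "payment", "device": "phone-X", "to": "girlfriend"},
    {"ts": "2018-03-01T22:40", "type": "payment", "device": "phone-X", "to": "stranger-1"},
]
SENSITIVE = {"password_change", "email_added"}  # account changes seen in the post
WINDOW = timedelta(hours=24)                    # assumed look-back window


def flag_payments(events, trusted_devices, use_context):
    """Return the indexes of payments that should be held for review.

    use_context=False: flag only "new device AND never-paid recipient".
    use_context=True:  also flag any new-device payment made within WINDOW
                       of a password change or added e-mail address.
    """
    paid, last_change, flagged = set(), None, []
    for i, ev in enumerate(events):
        ts = datetime.fromisoformat(ev["ts"])
        if ev["type"] in SENSITIVE:
            last_change = ts
            continue
        if ev["type"] != "payment":
            continue
        new_device = ev["device"] not in trusted_devices
        new_recipient = ev["to"] not in paid
        recent_change = last_change is not None and ts - last_change <= WINDOW
        if new_device and (new_recipient or (use_context and recent_change)):
            flagged.append(i)
        else:
            paid.add(ev["to"])  # only unflagged payments build recipient history
    return flagged


if __name__ == "__main__":
    print("recipient-only rule:", flag_payments(EVENTS, {"phone-A"}, False))
    print("with account context:", flag_payments(EVENTS, {"phone-A"}, True))
```

The recipient-only rule lets the payment to the known contact through, while the rule that also considers recent account changes holds it.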
That's what we figured, but still. You'd think he'd hit someone a little farther down on the list.
Poor you, what a hassle. I would have been terrified. I'm very impressed with the way you handled the situation. Hope it goes OK from now on. Followed
Go away, bot, nobody wants you here.