Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Maryland woman loses $17K in SIM card swap scam despite two-factor authentication | I-Team
WJLA ^ | Jan 24, 2024

Posted on 01/24/2024 8:02:10 PM PST by 11th_VA

click here to read article


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-8081-92 next last
To: mbs6

Good to know - Thanks for the lengthy explanation


41 posted on 01/24/2024 9:41:10 PM PST by 11th_VA (Celebrate Climate Change !!!)
[ Post Reply | Private Reply | To 39 | View Replies]

To: lee martell

me too.

and i don’t carry an apple or google (app based) smart phone either. i still carry a flip or use the good ol’ land line when i need one. yes they keep taking my network away, now they’ve got me up to 4G, and it’s a bother to get them to go around all their tech at whatever financial company i’m dealing with (using an ol’ laptop with out 2fa, a secure email, or snail mail and paper applications for instance), but thieves can’t use their damn insecure apps to steal my money like they did to this lady. much safer to stay as old fashioned as possible when doing financial stuff.


42 posted on 01/24/2024 9:54:21 PM PST by dadfly
[ Post Reply | Private Reply | To 12 | View Replies]

To: devere
They should have video of the perp, so maybe they can track him/her down.
43 posted on 01/24/2024 9:58:30 PM PST by Major Matt Mason (To solve the Democrat problem, the RINO problem must first be solved.)
[ Post Reply | Private Reply | To 14 | View Replies]

>> despite two-factor authentication

Total BS premise


44 posted on 01/24/2024 10:13:28 PM PST by Gene Eric (Don't be a statist! )
[ Post Reply | Private Reply | To 1 | View Replies]

To: Responsibility2nd
Verizon should be on the hook for the $17,000.

In recent years, banks have been requiring cell phone numbers which links online access to a person's phone. The idea is that a person can be easily tracked by the mobile phone, and Big Brother can find them if they do something fraudulent. Sounds like someone figured a way to beat the system.
45 posted on 01/24/2024 10:26:33 PM PST by Dr. Franklin ("A republic, if you can keep it." )
[ Post Reply | Private Reply | To 5 | View Replies]

To: Dr. Franklin

So the only solution will be to embed a chip into everyone.

What could possibly go wrong with that?


46 posted on 01/24/2024 10:35:59 PM PST by dfwgator (Endut! Hoch Hech!)
[ Post Reply | Private Reply | To 45 | View Replies]

To: dagunk

Never use my phone for any money things. I have a hard enough time trusting my WiFi desktop for finance.


47 posted on 01/24/2024 10:37:21 PM PST by VanShuyten ("...that all the donkeys were dead. I know nothing as to the fate of the less valuable animals)
[ Post Reply | Private Reply | To 34 | View Replies]

To: ProtectOurFreedom

how? with inside help.


48 posted on 01/24/2024 10:47:30 PM PST by Qwapisking ("IF the Second goes first the Fes second" L.Star )
[ Post Reply | Private Reply | To 8 | View Replies]

To: 11th_VA

I make no payments over my phone ever, and never use the phone network unless I am our of town. And no auto payments


49 posted on 01/24/2024 10:55:08 PM PST by markman46 (engage brain before using keyboard!!!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: 11th_VA

Which is a major reason we NEVER use our cell phones for banking. Mine is a dumb phone anyways, just a flip phone. All I want is something for calls and texts if necessary.


50 posted on 01/24/2024 11:18:49 PM PST by metmom (He who testifies to these things says, “Surely I am coming soon.” Amen. Come, Lord Jesus…)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Brian Griffin

I’m also delaying the SS until 70, but signing up for a Medicare Supplement was the easiest thing in the world and takes care of the Part B premium.


51 posted on 01/24/2024 11:29:42 PM PST by steve86 (Numquam accusatus, numquam ad curiam ibit, numquam ad carcerem™)
[ Post Reply | Private Reply | To 13 | View Replies]

To: ProtectOurFreedom; All

The scammers didn’t get access to her existing cell phone...they just got her phone number put on a new cell phone (”SIM swapping” doesn’t require a physical SIM card anymore with the advent of “eSIM”). We are not getting the full story here...how did the scammers have her BofA login credentials? (Username & PW). Verizon either very lax/incompetent or we aren’t getting all the facts from the lady victim.


52 posted on 01/24/2024 11:34:08 PM PST by Drago
[ Post Reply | Private Reply | To 21 | View Replies]

To: markman46

Actually, the phone security is extremely sophisticated and works! This topic is about dishonest or corrupted carrier employees, who reassign the phone number. Dishonest or corrupted workers could mess up your accounts even if you don’t own a phone at all, nothing new there.


53 posted on 01/24/2024 11:37:12 PM PST by steve86 (Numquam accusatus, numquam ad curiam ibit, numquam ad carcerem™)
[ Post Reply | Private Reply | To 49 | View Replies]

To: dfwgator
So the only solution will be to embed a chip into everyone.

What could possibly go wrong with that?

Do you suppose they will be required to worship some image of some sort?

54 posted on 01/25/2024 12:12:18 AM PST by Mark17 (Retired USAF air traffic controller. Father of USAF Captain & pilot. Both bitten by the aviation bug)
[ Post Reply | Private Reply | To 46 | View Replies]

To: 11th_VA

Have never done any banking online for this very reason. The bank will be totally liable for any such fraud.


55 posted on 01/25/2024 12:22:01 AM PST by Revel
[ Post Reply | Private Reply | To 1 | View Replies]

To: 11th_VA
Isn't that deducted from SS automatically ?

Not if you haven’t started receiving SS yet.
56 posted on 01/25/2024 2:25:52 AM PST by Old Yeller (On judgement day, you’ll wish you were biblically correctly, not politically correct.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: lee martell
Apologies to you, Lee, but I'm going to use your post as a soapbox.

All FReepers

Please do not think that a password is safe. Ever. Passwords are the easiest way to compromise an account. There's nothing simpler, because you, people, are the weakest link in EVERY cybersecurity practice.

93% of compromises start with phishing. If you respond to a strange email, click on a link, take a phone call from some entity claiming that you have a virus, they WILL take everything. I've seen advanced persistent threats (APTs) literally shut down food banks and not give a care in the world about people who they serve. I've seen APTs shut down a children's hospital and not blink once when implored to allow them to keep network connected vitals monitors online. It all started because someone wasn't careful.

This article is complete trash. It leaves out that the woman was using SMS (text messaging) for multifactor authentication (MFA). SMS and phone calls were deemed unsafe by NIST back in 2015. They're not allowed for any federal agency to use for MFA, and you shouldn't be trusting them either. If your bank uses text messaging, call or email them daily demanding them implement stronger authentication. Your phone can be taken over by anyone with SIM swapping, and it happens far more often than you think. Also, if you think that the underpaid grunts running a Verizon store wouldn't crumble like cheap suits when a bad actor offers them thousands of dollars to help compromise a phone, then you're living in ignorance. It happens more often than you think.

The strongest MFA available right now is FIDO2 leveraging a security key like a YubiKey device. It requires physical control of the device and a physical touch of the device to execute the security chip. A strong second is an authenticator app such as what Microsoft or Google provide. Push notifications are more secure than on-time-passcode (OTP) which is the rolling random number. Again, do not trust that SMS, phone, or email codes are secure. They aren't. All three methods can be compromised with ease.

Please do not dismiss MFA. You do so to your online safety detriment. Please, I implore you, take the steps necessary to guard your identities. It is easier than ever to compromise them.

57 posted on 01/25/2024 2:30:54 AM PST by rarestia (“A nation which can prefer disgrace to danger is prepared for a master, and deserves one.” -Hamilton)
[ Post Reply | Private Reply | To 12 | View Replies]

To: 11th_VA

ussey told 7News that Verizon said someone in California walked into one of its stores and purchased a new phone along with a new SIM card and used Hussey’s current phone number to activate the new phone

THIS HAPPENED TO ME LAST MONTH EXACTLY.
Luckily I dont do banking on my phone I believe they have a piss poor screening hire at the verizon stores. No way they would have gained access to my account and passwords without help from within, beware!


58 posted on 01/25/2024 3:21:04 AM PST by ronnie raygun
[ Post Reply | Private Reply | To 1 | View Replies]

LTR


59 posted on 01/25/2024 3:24:21 AM PST by nuconvert ( Warning: Accused of being a radical militarist. Approach with caution.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: rarestia

I never use my phone for banking. I use my stationary computer at home. I have no added apps on my phone -—Samsung A51

I think and hope I am better protected using my boring computer instead of a smartphone for banking


60 posted on 01/25/2024 3:47:28 AM PST by dennisw (Be positive. Every day is a new dayt)
[ Post Reply | Private Reply | To 57 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-8081-92 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson