Maryland woman loses $17K in SIM card swap scam despite two-factor authentication
HTML-код
- Опубликовано: 24 янв 2024
- A Maryland woman got an email thanking her for the purchase of a new phone at Verizon. Minutes later, her contact information at Bank of America had changed.
The problem? She didn't do either transaction and had two-factor authentication on her accounts. We all know criminals have multiple ways to steal your identity, but 7News is sending out a warning.
READ THE STORY-- wjla.com/features/i-team/scams...
_______________
Stay up to date with our social media:
7News on Facebook: / 7newsdc
7News on Twitter: / 7newsdc
7News on Instagram: / 7newsdc
Subscribe to WJLA on RUclips: / @7newsdc
Daily News Playlist: • WJLA Washington, DC - ...
For more information, visit wjla.com/
Have a news tip? Send it directly to us:
Email us: newsdesk@wjla.com
Call the Newsroom: 703.236.9480
WJLA is the local ABC affiliate for the greater Washington DC area. From our studios in Arlington, VA ABC7 covers national and local news, sports, and weather.
#WJLA #DCNews #7NewsDC #Scams #scandal #simcard #simcards #fraud #story #maryland
This video and all Sinclair Broadcast Group content archives of local news and sports coverage are available for your use. For more information contact us at contentsales@sbgtv.com
There needs to be a huge lawsuit against Verizon for not validating user identity before any phone or sim is activated.
Sim swapping been here never leaving either
Right
It's not just Verizon it's every cell company. I had mine happen with T-Mobile.
Verizon’s customer service people don’t know anything. It looks like customer service is outsourced to another country, likely the Philippines.
How do you think the crooks got her bank info? They didn't get it by activating a new sim.
When a business says "Unfortunately there's nothing we can do"
Contact your local TV station
Exactly looks like that's what changed the bank's mind
Na. Lawsuit time. Mega billions.
😂😂😂
@@00tact
Lawsuit and TV station time !
@@tw8464: Yes -- Sir. This is why the media is in business doing what they do. Their bread is buttered by other jams and spreads from other sources from the nebulous and dubious.
If it wasn’t for the media, taking on her story and getting it out there, Bank of America would’ve never given back the money.
They are scammers themselves
Bank of America is a crap bank.
Yup, Bank of America is the worst.
so true
Exactly! And that scares me because I bank with them.
Banks shouldn't do anything without the person being at the bank with proper ID
The phone company is the weak link . They need to be held accountable.
Exactly! 👍
Just like the car company doesn't fix it so people can't drive a car but has made it easier to be stolen
Agreed.
Not a problem with Metro PCS they have 2 more codes you only the customer knows...
The weak link is fools shopping and banking online.
How the fuck can a Verizon rep change someone's sim without asking for an ID? Beyond stupid and should be sued!!
They had an ID. A picture ID. You can make one in about 3 minutes. Flash it to the $15/hour clerk behind the counter and bingo, you are all set with you new phone. Sheesh! Do people really think an ID is some sort of security measure ?? Kids have been flashing fake IDs to buy beer for the last 50 years ;-)
Similar thing happened to me, and it's not just for verizon, most, if not all the phone companies are like that
It's because the store clerks don't get paid enough to care. A lot of times they do whatever they can to get a commission, because they're surviving on a mere $200 a week without it. "Need a new phone while out on vacation without your ID? Not a problem."
Probably an inside job...
When the person who sold the phone and activated, without verifying the person, should be responsible!
We take identity theft seriously, once you contact my manager's manager and get declined and have to file a lawsuit to get us to do anything.
Sim swapping should be a life without parole kind of crime.
No
We need to close the border and mass deportations entire bloodlines with first 2 generation's cause they all came illegally at one point
While murderers get parole? You must be joking.
@alexshank1414😂😭
That penalty is kinda steep. Nice!
So phone companies don't check IDs? I'd sue the phone company
She just lost 17k unless she can afford an attorney
Is your name Karen?
You are correct. 👍
Fake ID?
No but you should have a pin on file with the phone carrier
It was probably a manager at the phone store. Worked for a major phone company and the employees were bigger scammers than the scammers that would come in.
It was definitely an inside job
Yeah I don't trust anybody.
There always is an accomplice. Many years ago my boss had her wallet lifted in a store and within minutes several laptops were purchased at a store at least 30 minutes away. The only way this is even possible is with someone working at the Best Buy that rang up the purchases using the stolen CC. I actually got them busted because the idiot pick pocket used her points account to get points. Not a very bright move on her part but greed sometimes makes brains 🧠 not function properly 😂😂
That's what I'm saying! There is NO WAY this scam is as big as it is from somebody "convincing the phone company" of their identity.
I used my debit card in a long established resale shop and still don't know if the card reader contained a skimmer or somebody nearby with a scanner lifted my info. It was irritating to go into my bank, then wait for a new card, file a police report and file a complaint with my atty general.
I can understand how they got control of her phone number but there has to be more to the story. They would also have to know which bank she deals with, her account number and her pin number.
I have a sense she got one of those fake emails telling her that there was some problem with her account and she needed to log in. That would provide the criminal with her bofA user ID and password and phone number (if she is not yet enabled two factor authentication)
By going to Verizon and buying a new phone without checking for id which gave them the access to her number and phone. I’m betting it’s someone at Verizon.
They said all this in the video guys lol
Also, if you ever need to "recover" your password, it takes the 2FA to gain control and change the password, which uses either your phone to text a code or an email address to email the code.
So all someone really has to do is get your phone number and your email address. Then they can attempt to get your sim.
Once they have that, they can go to your accounts -- email, bank, utilities, you name it -- and start changing things because they are, thanks to today's technology, in effect, you. All the verification codes you would normally get are now going to them. Your service on the phone in your hand is dead, so you aren't getting those codes.
As far as I know, the only way to protect yourself is to immediately contact your service provider to see what you can do to lock the SIM down, using authentication apps, and using a unique login name or email address that you don't use publicly just for your banking, shopping, and service provider logins
Well, that 17K was transferred to a specific bank, with a specific account number associated with a specific name! That’s where the investigation should start. Am I missing something?
Exactly. I don't think the news reporter completely understood what happened. They just made it sound like if someone swaps your sim card they have access to your funds. It don' t work that way.
THANK YOU FOR BRINGING THIS TO LIGHT I NEVER EVEN KNEW IT WAS A THING.
They did NOT verify with her, she did nothing wrong. This was a massive security lapse with BoA and Verizon
Verizon isn't responsible for providing account security for BOA. BOA and ever other bank out there knows that this sort of thing happens yet they continue to force people to rely on their phone for security. That is wrong.
@@stefanpuffer both are responsible. Cellular carrier is responsible for "opening the door" to allow the scam to succeed. The bank is responsible for not allowing other types of security protection (auth apps, their own financial apps, email etc).
Yeah. But the point is she escaped because she wasn't playing their game. If you don't put your data out there, nobody can steal it ...whoever might be ultimately responsible.
Verizon sent her an email
@@stefanpufferWho even thought about this? Why not single use codes and a secret PIN?
Love how all these companies resolve the issue once a news channel gets involved
Yep, reminds me of a complete horror story where a woman went to a gym for a routine workout. The gym's registration thing wasn't working properly, so the staff had guest write down their information. The woman wrote down her information and put her card, apartment keys and cellphone in a locker and locked it. She did the workout routine and after,she went back to her locker and was horrified to see that someone had used a pliers to open her locker and her card, apartment keys, and cellphone were gone. She immediately notified the gym staff who didn't seem very sympathetic. She was able to use a gym computer or something like that and watched in complete horror as her money was rapidly being spent without her being the one spending it. She called her bank using the gym phone number and they weren't very sympathetic to her either. They blamed HER for the theft. 😱 She went on social media and called the news and soon she was told her bank would be reimbursing her stolen money. And the gym admitted they shouldn't have let people register by manually writing down information.
I'm not sure about this, but I think the pressure probably came from social media, and the news took the story to save face for BOA. Seems more likely to me.
I'm going to get the news media to do a story on the state bar
Yeah. "Mainstream media" that people of every political persuasion like to put down, actually still has an important role
The problem is you have to give the pin to the Customer service of your cell phone company over the phone. That's a problem because it sounds to me like Employees working at such places already have access to your information or could be recording it when you are telling them over the phone and using it down the line or even selling it to someone.
Had this happen to me in the UK. Started with getting multiple dropped calls to my phone, before I got an email thanking me for reporting my phone as stolen. My phone was right in front of me, but when I looked at the screen it said ‘no service’. Within an hour they’d taken everything out of my bank account, and tried to set up Apple Pay. A horrible experience.
Her first mistake, banking with Bank of America 🤦♂️
Yes, that was my immediate thought, too. Why do so many people use that bank?
@@virginiamoss7045they have the most locations world wide I believe
Lmaoooooooo
These stories slways seem to involve BOA or Chase. Use a local/regional bank where they can't escape the bad press
Her second mistake is leaving too much money in the account 17K is a lot to keep an account
Seems to me the phone company (Verizon) is 100% liable for being scammed into assigning and existing number to the scammer's phone.
It is their fault yes, but why is the bank relying on Verizon or any other cellular company to provide account security? It's flawed yet the banks continue to do it even though they know the risks.
@@stefanpuffer That's probably because the manager and/or teller were in on it. A transaction that large is supposed to trigger money laundering protections to try to keep the money from going to groups like narcoterrorists or just being used for tax evasion. I'm curious why the bank didn't have proper controls in place to prevent the improper withdrawal. (That's independent of the fact that the person withdrawing the money wasn't authorized to do so in the first place)
The scammer needs a lot more than just going through a two-factor authentication, like the name of the bank, the account information (sign-in name), and then the PASSWORD. They can now do the two-factor authentication. This is so unbelievable, and the lady deserves what she got. Is it really Verizon's fault for the lady to give out all this information?
@@kenough They probably gained access to her email and just plugged it into all the major online banks and ran a password reset request. Once it hit (showing 2FA was required) they had to get the SIM swap done but they were also likely able to get through Verizon security by having her email access.
I stopped giving up my SIM card when I get a new phone years ago. I don;t want even the possibility that my old SIM card is floating around with info on it.
I worked at a major cell company for a long time. The store personnel work on commission or low salary plus commission. The store employee had more incentive to sell the phone than to check to make sure he or she had the correct customer. This is why the store person neglected to check for the passcode on her account.This allowed the customer to be hacked.
No questions for the bank as to why they initially refused the obvious claim? This is entirely between Verizon and the bank.
because somehow they had her credentials to log into her account which had nothing to do with the phone.
Verizon cannot share specifics but they can easily make your life a hell by swapping your sim over the phone with someone else!
What a joke
There's a reason thieves and scammers go to Verizon. It's because Verizon allows it to happen just to get a sale. They refuse to ask for ID to prove who the person is. At&t always asks for your ID. So does most smaller cell companies like Mint Mobil. Only VERIZON keeps letting thieves go into their stores and buy phones and phone plans in somebody else's name w/o requiring ID. So the POS criminals know where to go every time they steal a credit card, or get someone's information. Go into any Verizon store and act like you are getting an expensive phone and phone plan. Then see how they NEVER ask for ID.
Every other cell phone carrier insists on ID. Why won't Verizon? 🤔
Verizon is using a “privacy” cop out to claim why the won’t release information about their “investigation” of their own mess-ups. In reality, there is no “privacy” issue since the information is being asked by the victim who is releasing Verizon from any privacy concerns.
Then dont use 2 factor. Use biometric fingerprint scanning. Bofa app has that option.
My sons church brought in traveling evangelist when he was a teen. One would call my son every Friday evening, telling him to leave us and go preach the word. My son asked if I could have his number changed. I called Verizon and they turned his phone off. I had to get him to call them because I bought the phone for him , to have it reactivated they said.... Such a hassle. But worth getting rid of the child predator they' brought to the church..
Criminals are working with company employees now.
It has to be an inside job with the employees of the carrier.
@brightnright6768 It will only getting worst with this DEI bullshit crap world that we live in now. Not to mention in the airline industries with the highest safety concerns…SMH!
Inside job for sure.
CRIMINALS ARE THE GOVERNMENT NOW OR DID YOU MISS THAT CHAPTER
It absolutely does not have to be. Although it could be.@@Jblaze024
Phone companies by law should be required to verify and record the identity of the customer and employee that conducts a sim swap. Once there is a trail it will help catch these scammers. Only then will these identity theft cases will slow down.
Correct and excellent explanation of what is required - at the least - in order to stop this kind of rip off.
Phone companies then should be held accountable for not making sure that person is the rightful owner and pay all thefts.
This almost happened to my mother last year. Her phone shut off, and the thieves ordered a new phone. The reason they could not rip her off was because my mother is older and never does online banking. She doesn't trust it. She also was in touch with the phone company the same day to have the order for the new phone cancelled. She does not use two factor auth. I'm not saying you should not use two factor auth, but in my mom's case, her being old fashioned is what saved her.
Kinda like how the US military uses older computers that no one knows how to hack anymore to manage its nukes.
@@dylanattix2765 That was the old system. They're upgrading.
I have had several people tell me I could use my phone for banking. As another old paranoid person, I do not trust it.
@@dawnelder9046 agreed! I don't install banking apps on my phone !
I’m glad your mom’s ok
SIM-swapping is something that has been known as a vulnerability for MFA for over a decade now. What boggles my mind is how many banks still support only text messages as a form of MFA.
My credit union used text codes and I contacted them with my concern that it wasn't the most secure 2FA/MFA method. All I got back was acknowledgement that they got my message.
What's more baffling is that even Metro by T-Mobile requires a PIN made upon account creation. Dafuq kind of service is Verizon offering?
In Australia the banks are fully responsible for any fraud involving any accounts. Defraud away!
Then dont use it. Bank of America app gives you the option of biometric fingerprint scanning instead.
@@senatedocument2646 Only for login as a replacement for your password login. Does absolutely nothing for 2FA, Bank of America does allow for Passkey usage for 2FA as well, but still allows SMS as a fallback.
MFA is only as good as the weakest link.
Seems like Verizon should be responsible not the bank.
this is why i wish I had a cabin in the woods 100 miles away from people
The amount of stress this causes is immeasurable
Common sense combats it
@@GodAboveAaE how did she do anything that didn’t display common sense?
You know how much stress I have from stuff like this by NOT having a cell phone? ...NONE.
The companies should also be sued for that!
What the heck? The particular store that the scammer walked into and requested a new sim card does not have video surveillance cameras?
That's the false narrative. That's why they never catch the hackers. It could be cia, nsa, or other local/foreign government agency. All your safe guards get bypassed during hacks.
The phone stores are in on it
@@niceclaup1 you are correct because I was hacked a couple of times and found out that you cannot sue the phone companies when this happens..
Inside job
Interesting. In NZ to swap your number over you have to have the old SIM card available to authenticate the swap with before the number can be swapped over. This limits the ability for people to walk in and steal your number easily.
There needs to be some major lawsuits associated with these large companies, too many data breeches.
So the $17k says it was withdrawn at a bank teller. So whoever disbursed that money to the criminal is also fired.
Especially since the person withdrawing is in a different state than the address than the bank account has on file
@@GizmoAlys this. this definitely could’ve been prevented but it more than likely was also an inside job
@@GizmoAlys Many banks operate in multiple states. I've actually had to withdraw money from my account at the teller window in a bank in two different states. The kicker is that I've needed official state-issued photo ID to do so... Gotta wonder why that very basic step failed at the bank.
$17k means that it was probably not the teller alone, there was probably either a manager or it was a teller that was working with the scammers. $17k should be well above the threshold for various money laundering regulations to kick in.
@luluisfunny no I don't doubt people do that.
But this person emptied an ENTIRE bank account of 17k. That should have been a big fat red flag, lol. Unless the teller was in on it or something.
No BS, my bulletproof way to prevent this from happening is to have $0 balance in my account
That works every time.
I would also recommend that you place a "credit freeze" on the three credit agencies, that way no one can open a loan with your information.
Yeah try to have less as I can on my two bank accounts, rather keep cash in my safe.
Put most balance in savings not checking make bank have to contact you if transaction over $1000.
Also, if you don't use your cc often, go into your bank app and lock the card. That way, if someone gets the card info, they can't use it.
This is insane.
I’m so sorry she went through this. 😔😣
So the phone company that gives the scam person or phone number should be held accountable
Sounds like an inside job with these phone carriers.
It's the bank's responsibility. They shouldn't be using cell phones as an authentication method.
it's the phone company's responsibility, they shouldn't just willy nilly allow anyone to walk in the store and just take your number @@stefanpuffer
They should be accountable for getting her phone number back. Why is the bank using the phone company to authenticate their customers?
THE PROBLEM IS NOTHING IS DONE TO THESE SCAMMERS WHEN THEY GET CAUGHT…
that's not true, they face serious charges. Unfortunately they rarely get caught,
Except most of them are overseas in some foreign country, Lagos, Russia, whatever, we can't do a damn thing about some petty criminal living in Lagos
@@HobbyOrganist not in this case, someone went to a physical store to buy the new phone with the sim card
In Russia, Turkey, Albania, Uganda?
Same issue with criminals on the street, they rob and steal and nothing happens to them, but the GOOD people get screwed
They had a lot more than her phone number. Password managers, unique passwords, and not duplicating credentials across accounts is probably what truly would've saved her.
The banks and the cell phone carrier should be held liable. This is such a threat to the stability of our entire social/economic system. If it is not safe to keep our money in the banks people might realize how much of a fraud our entire system is if we all tried to withdraw our money, which actually doesn't exist.
You mean to tell me that someone can just walk into the phone store and say that my phone number is their phone number and completely lock me out of my phone and steal my identity? This seems like the phone company’s fault, so the bank is probably going to sue them to recover that $17K, but something needs to be done so that someone’s identity is not so easily stolen.
The bank won’t do anything. They will just raise rates and fees. If it came out of their pocket they would clamp down on this crap.
No, phone service is just that...phone service. It was never sold as a way to security your bank account. The banks came up with that and it is flawed yet they continue to do it.
Basically yes. But typically the person calls the phone company with a story like, "I dropped my phone in the ocean- etc. I bought a new one but I need you to set the new phone number to this new device I bought." Once the phone company switches your number to their phone they typically try to log onto your bank and say they forgot the pass and to please send the new code via text - to the phone number that they have just hijacked. It is scary.
I have Bank of America but they will not allow me to do large purchases/withdrawals without me being at the place - This is terrible.
First the scammer needs to know a person's phone number, their ssn,their full name, and their bank account number or login name. And they needed to have the drivers license/ID card. And they needed to look like them.
And this story is claiming the scammer passed all of that and got away with it. The bank and Verizon screwed up then. Something's not right.
@@marshallhughes4514 I am not understanding how they got past a two step verification process. Can someone explain?
This was a Verizon employee who did this. No way you can walk in a Verizon store and just get a new phone without A LOT of information.
The crooks cannot access her bank just by having her phone number.
That was my thought. I don't have any banking or credit card info on my phone.
Inside job. Spirit airlines employee used my credit card number to pay for friends flight. It took me a month to convince the bank it was not me.
There's probably a LOT of details the story left out, there's always 3 sides to every story@@SilverSergeant
Nonsense. It happens more than you know with mobile telephone network operators.
It is caused by poor procedures for identification checks and a failure by personnel to adhere to the procedures.
Someone who knows her name, number, and bank username is the master behind this. Look closer for the criminal!!
$17K ??? that's a lot of money for the BoA to allow a thief to withdraw this hefty amount of money and failure for the CS to fully conduct assessment for withdrawal transactions. Something's really fishy for both Verizon and the Bank of America.
This happened to my husband’s phone 2 years ago- we are still in the midst of a lawsuit against T-mobile. When the phone shut off, he got an email alert that someone somewhere in Europe had initiated the SIM card swap although we are in the US. The phone company needs to pay if they making identification theft so easy for scammers.
I hope you win your lawsuit, they should be doing background checks on their employees.
I can tell you, you probably had a smart watch on your account or "Internet of things" line as well. Your email was hacked firstly, allowing for the hacker to gain access to 2fa, they found the bill in the email they hacked, found the primary phone number, deleted all traces of email activity while they set up your future credit's demise after cloning your number because your account didn't have a certain code applied, "DBLOCK", being the main cause of what opened your doors to the hacker past your email getting hacked firstly. I'd sue Google firstly 😅
Jesus Christ loves you all so much God bless you all thank you our Lord and Savior God Jesus Christ The Holy Spirit i love you more than anything Amen
@@laceyjoe5933 Your comment was inappropriate and apathetic! She was scammed and this had nothing to do with religion. You are a part of a larger problem in this country about religion.
It's a shame whenever there's a problem at Bank of America they won't do the right thing until the customer's issue(s) make the news. I speak from experience in this.
I extend a heartfelt salute to you, Adriannotch , for your relentless efforts in aiding scam victims. These despicable scammers deserve to face public exposure and humiliation for their actions. They have no rightful place in our world. Sir, your exceptional work has our unwavering support. May you and your associates continue to wield great power in this fight. We stand by you from Dalry, England. More power to you!
Shouldn’t Verizon take responsibility for this? They should require proof of phone number ownership before giving out a new phone.
No because it's not Verizon's responsibility to provide secure access for banks.
Verizon is responsible for getting her number back to her phone, and for giving her a refund for the month she didn't have that number available. Why would they be responsible for her bank's failure to properly identify the bank's customer?
@@stefanpuffer Two factor authentication was used. Had Verizon not provided a phone to someone without verifying they were the owner of that number, this wouldn’t have happened. I’m no Bank of America apologist, I closed my accounts with them ten years ago and will never go back. However, what is a bank supposed to do if the security features are used as intended? If I respond to a phishing email with my login information is the bank responsible for the person who used the information to transfer money out of my account?
@@lindamurphy3969 besides two factor authentication, the scammer needs a lot of other information. Where did they get this information?
the biggest problem is us. We demand things be easy to do and we do not want to have to go to the store to do anything. People want to place and order online and have it sitting at their door step when they get home. Can not wait until the next big thing people start trying to get stopped will be all the waste from getting all this crap sent to our homes. They want to complain about all these plastic sacks but forget how much it takes to ship to your home. This would be a big issue to places like amazon that only ship to you. Maybe brick and mortar stores would make a come back and people would stop being lazy
This is Verizon doing this. A simple check of this person's identification should have pervented this. Verizon needs to be investigated by the FBI and then maybe they will do something about it.
Verizon is THE WORST SINKHOLE OF EVIL
But Trump and Marjorie Green want to defund the FBI.
Have you not noticed that the, FBI is CORRUPT!?!
Inside job
Thank you for the tips!
Scary.
They should start holding banks responsible for allowing fraud to be so easy for scammers versus the actual account holder.
Here in Australia, all banks are required to take full responsibility for any fraudulent transactions, whether at fault or not.
We have many more useful protections than the US.
In this case, I don't think the bank is responsible. You still have to log into your bank account. She clearly allowed her app to auto log in with prefilled id and password. She probably assumed her phone is locked so she doesn't need to worry about passwords in her app.
@@TransConBrilliance Good point, but how is it that they can deny you access to your own accounts versus someone else?
It's always the women
@@OpinionFactChecker She was reimbursed by the bank you can keep your "protections"
Sim card is an inside JOB at Verizon or your cellphone provider.
oh, that makes sense, that's why I got confused at first
The few times I've purchased a new phone at Verizon I had to show my ID and my old phone. Of course someone could claim the phone fell in the river and present a fake ID, but the point is Verizon did require something,. Now what Verizon did with that verification is another question, they might have just looked and said, "OK",..
The carrier probably didn’t ask for her PIN number?
7/11 was an inside job.
@3:15, nope. BoA is not always on your side even where you proved you had not enabled the ID theft.
There was something missing. Because of two factor authentication, passwords and user ID information is often kept on the phone and don't even need to be entered.
Bank of America is just as much at fault. If a customer is reporting such an issue which also prevents them being authenticated on the spot, they should have put a hold on the account to secure it until the issue was sorted.
People are so evil to do things like this !!!
🙄 this is #AMERICA 🙄 a Nation built on thieving, thieves, deceit, dishonor, disrespect and evilness🪑🤦♀️🤔😩🛑
basketball americans literally have rap music about this stuff and how to scam look up scam rap
I looked that up. The depths these people sink to is astonishing. When a culture values crime as "aspirational" it's well and truly fucked. Absolute trash.
"basketball americans" smh @@icespeaker81
Identity theft and digital scamming needs to carry the highest penalties.
Hard time in a tough prison or loss of citizenship and deportation.
With the newer/higher end phones it's optional use a SIM - they have an "eSIM" which is builtin to the phones. I know iPhone 13 as one example I have personally helped someone switch to. Just call tech support with your cell provider and tell them you want to use only the eSIM. Then break the SIM with plyers, throw it away, and you're safe from this scam no matter what. Or Google on how to add the SIM pin if you don't have one. (The default pin is 0000 with Androids apparently, which is needed to set your pin.)
I know someone who was sim swapped by employee at AT&T. They lost $220k, AT&T kept saying they were not responsible for what there employee did after lawsuit it was settled out of court.
This is the phone company’s fault, and not the bank’s: They must require absolutely bulletproof ID before issuing new SIM cards, and we all need to be prepared to provide such ID on a moment’s notice.
Actually I blame the bank because they are relying on the phone company to provide account security. Any expert will tell you to not use text to your phone as an authentication method. Unfortunately many banks continue to use this insecure method to protect accounts and that is wrong.
@@stefanpuffer, your point is reasonable, but I don’t think many consumers are sufficiently familiar with, nor even aware of, other alternatives, to be able to deploy them widely.
Why would that be the case? The bank is relying on random third parties (phone companies) to provide identification and authentication. That's terrible. The bank should be providing alternatives, and they should be responsible for making you aware of the alternatives.
@@mr88cet In some cases though there aren't many alternatives to do 2FA although for example, I do see that Microsoft is employing a 2FA app that people would use to authenticate their accounts versus getting a code on their phone via text. This would be a good step in the right direction but not all banks or services have these apps or have signed up for services that provide this.
No, stop encouraging the surveillance state. Privacy is more important than anything. The issue is forced 2FA.
So once scammer can receive texts intended for you on their phone and then selects forgot password or user id on bank login - But forgot password or user id to what? how would scammer get victim's bank account login id? If scammer selects forgot user id then bank will at least need account number to locate registered phone number where it can send text (meaning account login and phone number pair). How was that information accessed by scammer?
The phone company should reimburse.
They gave away the sim to another.
Verizon has to have to video of the perp. Also, that perp had to transfer those funds somewhere, which can be traced electronically.
You know the video shows one of their own employees doing it so you know they aren't coming forth with said video.
The money goes out of the country within hours. They use Western Union.
@@isabellaflorentina7574 Yep, sim swaps are almost always an inside job. I worked at verizon a while back and some of my coworkers were extremely shady characters, not to say that any other carrier is any different but I saw some shit there. Sometimes it's just a lazy employee not following policy on verifying ID/account PIN, but most often it's an employee getting paid by the scammer to do the swap. Which is just INCREDIBLY stupid since the company not only has CC TV in every store but can easily track who logged in to the system to process the swap. I can't understand why anyone would risk their livelihood and freedom for a bit of money, but lots of people aren't exactly critical thinkers nowadays.
If BofA really took this seriously, they’d ditch sms authentication.
Scammers text T-Mobile reps then offer $300 to do a sim swap. The agents need easy money and do the swap then the scammers drain your accounts because its as if they own your phone. The best solution honestly is to get a newer phone with the digital sim and use the digital sim card. These cannot be swapped.
A porting pin ONLY applies when you’re porting your number to another carrier. If you obtain one and don’t use it, it expires. It would NOT have prevented this issue.
Bank of America doesn’t take fraud as seriously as other banks. I use to work there.
Because they are frauds themselves
disgusting. why is boa still around?
Everytime I've been in a Verizon store, they check ID before they'll even talk with you.
So do bars and nightclubs. IDs are useless, I thought most people realize you can print one up on in 3 minutes. An ID is just a useless artifact from the last century. A total joke actually ;-)
The worst part is sim swaps are almost always an inside job. The customer can do all their due diligence, phone companies & banks can implement all the security measures in the world, but there will always be a point of failure in the form of idiots on the inside. All it takes is one phone store or bank employee to either take a bribe or fail to follow ID check/account PIN policies.
OMG what a nightmare! How the heck is that possible?
SOME OF THESE BANKS ARE NOT DOING ANYTHING.
This happened to me more than 10 years ago (not $$ theft part). My phone suddenly was 'no service'. Went to AT&T and they revealed that another store had just given my phone # to someone else. What was crazy is I had to prove who I was AND give them a PIN to get it restored back to me!
Idiots
I think they were right to ask you for your ID, but it is strange that they gave out your number to someone else.
@@joshr8666 that’s my point.
How is that even possible?
@@karami8844 Corrupt phone store employee.
They don’t ask for photo ID at the store? AT&T won’t do anything for me unless I show photo ID, and even then sometimes they say I need to call and do things over the phone vs. in person at the store.
the whole foto id thing is useless. my mother's twin likes unlocking her phone for Lulz! and they are one of the few twins with near matching fingerprints.
I bet it was linked to a Verizon employee. How do you "convince" a Verizon store that it is your phone number without the phone or any other documentation????????
This is unacceptable and both financial and mobile institutions should be held accountable. No one needs this bs these days among other things people have to deal with.
Phone service providers should need to require authentication for sim swapping. They are the weak link here.
Exactly! 👍
Banks should not rely on phone service providers to security their account. The banks are the weak link here.
Apple phone or phone carrier has option to enter a sim lock code. I know you must enter it whenrver you jave to turn your phone back on.
I dont know if you can lock SIM card without turning off phone.
This are the inherent Dangers and weakness of Banking with your Cell Phone.
This is why I never put my banking information in a stupid telephone or computer every company is sharing and selling our person information to the highest bidder
the news didn't do a very good job explaining and made it sound like the scammers withdrew money only by swapping the service on her phone. The scammers somehow had her banking credentials as well.
@@kalidileriousprobably through a cloud for her phone like icloud
@@jtika1978but how were they able to login to her iCloud when setting up the phone without her password? There’s so many things they would need to pull this off that the news report doesn’t mention
So was it done by an employee?
Most likely yes
@@ceo2586 life in prison
I have had a cell phone for over 20 years and I have never heard of being able to walk into a store, not show identification or prove who you are, before they will even speak with you, let alone give you a new SIM card and make changes to an account!!
This makes no sense at all, I do not understand how this even happened. I really hope that the phone company is taken to court. This is madness and lunacy!!!
Sounds to me like the carriers who do these SIM card swaps without verifying people's identities are the one who are and should be held responsible... perhaps employees at these carriers are in on the scam.
This sounds like an inside job. How would the scammer know her phone #, that she banked at Bank of America, her account #, and that she used TFA?
They also need the PASSWORD before two factor authentication is started. Hmmmm.......
if you ever write a personal check, chances are you are giving out your name, address, bank account #. Your phone number can often be found out via public web. And if you use weak password for your account, game over.
It usually sucks to have no money, but in situations like this it works to your advantage!
Dear Smirk 2452: Life isn't that bad after all, eh?
🤦♀🤦♀🤣🤣
When confronted with online fraud evidence, phishing scams, card skimming, personal account profile cloning, bank management usually tells their customers that they agreed to getting ripped off in the fine print of the banking agreement that signed when they first opened their account
How do you activate the new sim with her number by a different person?? Dun they check the identity?
When your money was transferred to a scammer's account in another bank, couldn't they catch the scammer and recover the money?
Exactly! It's all bullshit
Was wondering that too. I know 10 people personally that have been victims to that bank fraud calling scam with the code. And if that money goes into an account I don’t know how he FBI can’t make arrests !
No, and it doesn’t make sense. Be careful with Zelle too. The bank says once they wire money you can’t get it back EVEN though the bank put the money in that scammer’s account. Makes no sense. They say their account is probably closed by now, they won’t even try to retrieve it. Lost lots of money scammed by an online “job”.
The lady should sue the phone company.
If phone companies could get into legal problems from situations like these, they’d quickly enact policies to combat this type of fraud.
The phone company never promised to keep her bank account safe. They should be responsible for getting her phone number back to her, and give her a free month of service for the time it wasn't accesible.
@@darrennew8211 No but the phone company *IS* responsible for not performing sufficient identity checks before changing the SIM card number against the phone number.
So they are liable.
@@deang5622 They're liable for getting her phone number back and fixing any phone problems arising from that. They aren't responsible for what the bank did with her phone number. It's not their job to serve as an identification platform for financial services.
The problem with that is that they have many attorneys, this will be dragged on until she can no longer afford to continue litigation. And it will never go to court because as everyone knows they will end up settling out of court about 3-5 years later.
In Corporate America, the only policies that would be enacted quickly would be ones to protect the phone companies from lawsuits. Who do you think the law makers work for?
well, this is completely, indisputably on the carrier as the breech was during a device token transfer which was not authorized.
how can the onus of this this even remotely be pinned on her?
That's scary!
Why doesn't the phone company call the number that's being requested to move? Just to check?
$17k in her bank account ... how many can say they have that much TODAY ??
I can. But I just transferred it over to savings. 🤣🤣
Thank god there’s always less than 1k in my bank account 😂😂
I get those messages all the time, they send messages saying I bought something or won something. We must all be careful.
I've been switching phones and phone carriers for years. I always port my number to my new service, and whenever I do, I need a special pin code to do this. I'm surprised the scammers were able to do this without that pin code.
Never use my mobile to buy anything.
This didn't happen because of how she used her phone or which apps she has. It happened because her identity was compromised and she used text message 2FA which gave them access to the code. This is why any secure account should use a 2FA app, not a text message 2FA.
Adriannotch You and your teams are angels. You make the world a better place. Scammers take from the world: you give to
Unclear to me what exactly happened.
P.S. That wasn't suspicious to Verizon - that someone who lives in Maryland was purchasing a new phone in California?!? 🧐
People move. They probably verified her info (which was stolen from her).
Many suspect insider job. Scam rings paying off employees.