Maryland woman loses $17K in SIM card swap scam despite two-factor authentication
HTML-код
- Опубликовано: 27 ноя 2024
- A Maryland woman got an email thanking her for the purchase of a new phone at Verizon. Minutes later, her contact information at Bank of America had changed.
The problem? She didn't do either transaction and had two-factor authentication on her accounts. We all know criminals have multiple ways to steal your identity, but 7News is sending out a warning.
READ THE STORY-- wjla.com/featur...
_______________
Stay up to date with our social media:
7News on Facebook: / 7newsdc
7News on Twitter: / 7newsdc
7News on Instagram: / 7newsdc
Subscribe to WJLA on RUclips: / @7newsdc
Daily News Playlist: • WJLA Washington, DC - ...
For more information, visit wjla.com/
Have a news tip? Send it directly to us:
Email us: newsdesk@wjla.com
Call the Newsroom: 703.236.9480
WJLA is the local ABC affiliate for the greater Washington DC area. From our studios in Arlington, VA ABC7 covers national and local news, sports, and weather.
#WJLA #DCNews #7NewsDC #Scams #scandal #simcard #simcards #fraud #story #maryland
This video and all Sinclair Broadcast Group content archives of local news and sports coverage are available for your use. For more information contact us at contentsales@sbgtv.com
There needs to be a huge lawsuit against Verizon for not validating user identity before any phone or sim is activated.
Sim swapping been here never leaving either
Right
It's not just Verizon it's every cell company. I had mine happen with T-Mobile.
Verizon’s customer service people don’t know anything. It looks like customer service is outsourced to another country, likely the Philippines.
How do you think the crooks got her bank info? They didn't get it by activating a new sim.
When a business says "Unfortunately there's nothing we can do"
Contact your local TV station
Exactly looks like that's what changed the bank's mind
Na. Lawsuit time. Mega billions.
😂😂😂
@@00tact
Lawsuit and TV station time !
@@tw8464: Yes -- Sir. This is why the media is in business doing what they do. Their bread is buttered by other jams and spreads from other sources from the nebulous and dubious.
The courage displayed here is truly remarkable. These individuals faced real danger, yet you chose to confront the fraudsters and reclaim their stolen assets. Your commitment deserves great admiration, *Stalwart-Redeem* If law enforcement matched your dedication and ingenuity (not to mention integrity), our country would undoubtedly be a much safer place. Outstanding job!
He is truly exceptional, and his tools are so impressive that I occasionally wonder if he’s even human, haha. The bottom line is that Stalwart-redeem is the ultimate expert in recvering from scaams.
I need this recvery expert for my scaams case also
@@lgillam06 He mostly interacts on Telle grams using the user
*@stalwartredeem* THAT IS HIS USER NAME
@@misstoya01 Thank you so much for this
If it wasn’t for the media, taking on her story and getting it out there, Bank of America would’ve never given back the money.
They are scammers themselves
Bank of America is a crap bank.
Yup, Bank of America is the worst.
so true
Exactly! And that scares me because I bank with them.
It was probably a manager at the phone store. Worked for a major phone company and the employees were bigger scammers than the scammers that would come in.
It was definitely an inside job
Yeah I don't trust anybody.
There always is an accomplice. Many years ago my boss had her wallet lifted in a store and within minutes several laptops were purchased at a store at least 30 minutes away. The only way this is even possible is with someone working at the Best Buy that rang up the purchases using the stolen CC. I actually got them busted because the idiot pick pocket used her points account to get points. Not a very bright move on her part but greed sometimes makes brains 🧠 not function properly 😂😂
That's what I'm saying! There is NO WAY this scam is as big as it is from somebody "convincing the phone company" of their identity.
I used my debit card in a long established resale shop and still don't know if the card reader contained a skimmer or somebody nearby with a scanner lifted my info. It was irritating to go into my bank, then wait for a new card, file a police report and file a complaint with my atty general.
Love how all these companies resolve the issue once a news channel gets involved
Yep, reminds me of a complete horror story where a woman went to a gym for a routine workout. The gym's registration thing wasn't working properly, so the staff had guest write down their information. The woman wrote down her information and put her card, apartment keys and cellphone in a locker and locked it. She did the workout routine and after,she went back to her locker and was horrified to see that someone had used a pliers to open her locker and her card, apartment keys, and cellphone were gone. She immediately notified the gym staff who didn't seem very sympathetic. She was able to use a gym computer or something like that and watched in complete horror as her money was rapidly being spent without her being the one spending it. She called her bank using the gym phone number and they weren't very sympathetic to her either. They blamed HER for the theft. 😱 She went on social media and called the news and soon she was told her bank would be reimbursing her stolen money. And the gym admitted they shouldn't have let people register by manually writing down information.
I'm not sure about this, but I think the pressure probably came from social media, and the news took the story to save face for BOA. Seems more likely to me.
I'm going to get the news media to do a story on the state bar
Yeah. "Mainstream media" that people of every political persuasion like to put down, actually still has an important role
They did NOT verify with her, she did nothing wrong. This was a massive security lapse with BoA and Verizon
Verizon isn't responsible for providing account security for BOA. BOA and ever other bank out there knows that this sort of thing happens yet they continue to force people to rely on their phone for security. That is wrong.
@@stefanpuffer both are responsible. Cellular carrier is responsible for "opening the door" to allow the scam to succeed. The bank is responsible for not allowing other types of security protection (auth apps, their own financial apps, email etc).
Yeah. But the point is she escaped because she wasn't playing their game. If you don't put your data out there, nobody can steal it ...whoever might be ultimately responsible.
Verizon sent her an email
@@stefanpufferWho even thought about this? Why not single use codes and a secret PIN?
You are the exemplification of "with great power comes great responsibility." You have this power and unlike these scumbags, you use it for good *STRONGWIDGET*
I just found your page and have been completely enthralled! I love that you're exposing these thieves. I was wondering if these crooks ever go to jail or get fined. Do they? They should!!! Thank you for helping victims of these thieves. Dont stop!!
The phone company is the weak link . They need to be held accountable.
Exactly! 👍
Just like the car company doesn't fix it so people can't drive a car but has made it easier to be stolen
Agreed.
Not a problem with Metro PCS they have 2 more codes you only the customer knows...
The weak link is fools shopping and banking online.
So phone companies don't check IDs? I'd sue the phone company
She just lost 17k unless she can afford an attorney
Is your name Karen?
You are correct. 👍
Fake ID?
No but you should have a pin on file with the phone carrier
How the fuck can a Verizon rep change someone's sim without asking for an ID? Beyond stupid and should be sued!!
They had an ID. A picture ID. You can make one in about 3 minutes. Flash it to the $15/hour clerk behind the counter and bingo, you are all set with you new phone. Sheesh! Do people really think an ID is some sort of security measure ?? Kids have been flashing fake IDs to buy beer for the last 50 years ;-)
Similar thing happened to me, and it's not just for verizon, most, if not all the phone companies are like that
It's because the store clerks don't get paid enough to care. A lot of times they do whatever they can to get a commission, because they're surviving on a mere $200 a week without it. "Need a new phone while out on vacation without your ID? Not a problem."
Probably an inside job...
When the person who sold the phone and activated, without verifying the person, should be responsible!
Seems to me the phone company (Verizon) is 100% liable for being scammed into assigning and existing number to the scammer's phone.
It is their fault yes, but why is the bank relying on Verizon or any other cellular company to provide account security? It's flawed yet the banks continue to do it even though they know the risks.
@@stefanpuffer That's probably because the manager and/or teller were in on it. A transaction that large is supposed to trigger money laundering protections to try to keep the money from going to groups like narcoterrorists or just being used for tax evasion. I'm curious why the bank didn't have proper controls in place to prevent the improper withdrawal. (That's independent of the fact that the person withdrawing the money wasn't authorized to do so in the first place)
The scammer needs a lot more than just going through a two-factor authentication, like the name of the bank, the account information (sign-in name), and then the PASSWORD. They can now do the two-factor authentication. This is so unbelievable, and the lady deserves what she got. Is it really Verizon's fault for the lady to give out all this information?
@@kenough They probably gained access to her email and just plugged it into all the major online banks and ran a password reset request. Once it hit (showing 2FA was required) they had to get the SIM swap done but they were also likely able to get through Verizon security by having her email access.
I stopped giving up my SIM card when I get a new phone years ago. I don;t want even the possibility that my old SIM card is floating around with info on it.
Dude. I'm a vet, and nothing I ever did in service compares to the most amazing effort you and your colleagues give to protect and enlighten the public in general to this horrendous threat to innocent people. Much respect For this Grind Techiei guys !!
This almost happened to my mother last year. Her phone shut off, and the thieves ordered a new phone. The reason they could not rip her off was because my mother is older and never does online banking. She doesn't trust it. She also was in touch with the phone company the same day to have the order for the new phone cancelled. She does not use two factor auth. I'm not saying you should not use two factor auth, but in my mom's case, her being old fashioned is what saved her.
Kinda like how the US military uses older computers that no one knows how to hack anymore to manage its nukes.
@@dylanattix2765 That was the old system. They're upgrading.
I have had several people tell me I could use my phone for banking. As another old paranoid person, I do not trust it.
@@dawnelder9046 agreed! I don't install banking apps on my phone !
I’m glad your mom’s ok
Verizon cannot share specifics but they can easily make your life a hell by swapping your sim over the phone with someone else!
What a joke
There's a reason thieves and scammers go to Verizon. It's because Verizon allows it to happen just to get a sale. They refuse to ask for ID to prove who the person is. At&t always asks for your ID. So does most smaller cell companies like Mint Mobil. Only VERIZON keeps letting thieves go into their stores and buy phones and phone plans in somebody else's name w/o requiring ID. So the POS criminals know where to go every time they steal a credit card, or get someone's information. Go into any Verizon store and act like you are getting an expensive phone and phone plan. Then see how they NEVER ask for ID.
Every other cell phone carrier insists on ID. Why won't Verizon? 🤔
Verizon is using a “privacy” cop out to claim why the won’t release information about their “investigation” of their own mess-ups. In reality, there is no “privacy” issue since the information is being asked by the victim who is releasing Verizon from any privacy concerns.
Then dont use 2 factor. Use biometric fingerprint scanning. Bofa app has that option.
My sons church brought in traveling evangelist when he was a teen. One would call my son every Friday evening, telling him to leave us and go preach the word. My son asked if I could have his number changed. I called Verizon and they turned his phone off. I had to get him to call them because I bought the phone for him , to have it reactivated they said.... Such a hassle. But worth getting rid of the child predator they' brought to the church..
Working with the industry where people come to them after being exposed to these guys makes me feel like there is some hope in the tech world. This scams needs to stop and I feel like *Strong widget* on the internet have the power to do it.
Keep it up!
SIM-swapping is something that has been known as a vulnerability for MFA for over a decade now. What boggles my mind is how many banks still support only text messages as a form of MFA.
My credit union used text codes and I contacted them with my concern that it wasn't the most secure 2FA/MFA method. All I got back was acknowledgement that they got my message.
What's more baffling is that even Metro by T-Mobile requires a PIN made upon account creation. Dafuq kind of service is Verizon offering?
In Australia the banks are fully responsible for any fraud involving any accounts. Defraud away!
Then dont use it. Bank of America app gives you the option of biometric fingerprint scanning instead.
@@senatedocument2646 Only for login as a replacement for your password login. Does absolutely nothing for 2FA, Bank of America does allow for Passkey usage for 2FA as well, but still allows SMS as a fallback.
MFA is only as good as the weakest link.
Criminals are working with company employees now.
It has to be an inside job with the employees of the carrier.
@brightnright6768 It will only getting worst with this DEI bullshit crap world that we live in now. Not to mention in the airline industries with the highest safety concerns…SMH!
Inside job for sure.
CRIMINALS ARE THE GOVERNMENT NOW OR DID YOU MISS THAT CHAPTER
It absolutely does not have to be. Although it could be.@@Jblaze024
What the heck? The particular store that the scammer walked into and requested a new sim card does not have video surveillance cameras?
That's the false narrative. That's why they never catch the hackers. It could be cia, nsa, or other local/foreign government agency. All your safe guards get bypassed during hacks.
The phone stores are in on it
@@niceclaup1 you are correct because I was hacked a couple of times and found out that you cannot sue the phone companies when this happens..
Inside job
That's a great indicator that they know they are committing crimes.
Happening at more work places than people would expect.
If there's no cameras, you probably don't want to work there...
(In my working experience, any place that refuses to install cameras is usually at fault for either criminal activities, falsifying documents, or generally some kind of evading the law for some reason.)
And you don't want to get involved. 😅
So the phone company that gives the scam person or phone number should be held accountable
Sounds like an inside job with these phone carriers.
It's the bank's responsibility. They shouldn't be using cell phones as an authentication method.
it's the phone company's responsibility, they shouldn't just willy nilly allow anyone to walk in the store and just take your number @@stefanpuffer
They should be accountable for getting her phone number back. Why is the bank using the phone company to authenticate their customers?
I am from Kentucky and I love you for doing this *Strong widget.*
These scammers are worse than insects, ruining most country's and city's name. I don't know how are they so proud of scamming people.
I pray that anyone who reads this get a successful money recovery in life. Successful people don't become that way overnight. What most people see at a glance-wealth, a great career, purpose is the result of hard work and hustle overtime
So the $17k says it was withdrawn at a bank teller. So whoever disbursed that money to the criminal is also fired.
Especially since the person withdrawing is in a different state than the address than the bank account has on file
@@TrashScoutMain this. this definitely could’ve been prevented but it more than likely was also an inside job
@@TrashScoutMain Many banks operate in multiple states. I've actually had to withdraw money from my account at the teller window in a bank in two different states. The kicker is that I've needed official state-issued photo ID to do so... Gotta wonder why that very basic step failed at the bank.
$17k means that it was probably not the teller alone, there was probably either a manager or it was a teller that was working with the scammers. $17k should be well above the threshold for various money laundering regulations to kick in.
@luluisfunny no I don't doubt people do that.
But this person emptied an ENTIRE bank account of 17k. That should have been a big fat red flag, lol. Unless the teller was in on it or something.
Her first mistake, banking with Bank of America 🤦♂️
Yes, that was my immediate thought, too. Why do so many people use that bank?
@@virginiamoss7045they have the most locations world wide I believe
Lmaoooooooo
These stories slways seem to involve BOA or Chase. Use a local/regional bank where they can't escape the bad press
Her second mistake is leaving too much money in the account 17K is a lot to keep an account
The amount of bravery this took was INSANE. These people all had their lives in danger, but still decided to go through with the recovery for the sake of busting bad scammers. True respect *Strong widget!*
If the FBI was half as dedicated and ingenious (and honest) as you guys are, the USA would be a much safer country.
Amazing work!
The amount of stress this causes is immeasurable
Common sense combats it
@@GodAboveAaE how did she do anything that didn’t display common sense?
You know how much stress I have from stuff like this by NOT having a cell phone? ...NONE.
The companies should also be sued for that!
Don't worry this is fake news
This was a Verizon employee who did this. No way you can walk in a Verizon store and just get a new phone without A LOT of information.
The crooks cannot access her bank just by having her phone number.
That was my thought. I don't have any banking or credit card info on my phone.
There's probably a LOT of details the story left out, there's always 3 sides to every story@@SilverSergeant
Nonsense. It happens more than you know with mobile telephone network operators.
It is caused by poor procedures for identification checks and a failure by personnel to adhere to the procedures.
That’s true. It took over a week for my husband to switch from another carrier to Verizon because when we first got our phones they never listed anyone as the owner of the account and authorized user. We first got our phones over 20 years ago so I’m sure everything was different.
My office is in Salt Lake, Sec V, Kolkata..we've got several companies in the same building, last week we've received a message from the facility manager asking us to report any illegal activities related to online scam and this one was from local cyber crime cell. Thanks *Strong widget on the internet.* This thing is happening for real. Keep up with your good work.
This happened to my husband’s phone 2 years ago- we are still in the midst of a lawsuit against T-mobile. When the phone shut off, he got an email alert that someone somewhere in Europe had initiated the SIM card swap although we are in the US. The phone company needs to pay if they making identification theft so easy for scammers.
I hope you win your lawsuit, they should be doing background checks on their employees.
I can tell you, you probably had a smart watch on your account or "Internet of things" line as well. Your email was hacked firstly, allowing for the hacker to gain access to 2fa, they found the bill in the email they hacked, found the primary phone number, deleted all traces of email activity while they set up your future credit's demise after cloning your number because your account didn't have a certain code applied, "DBLOCK", being the main cause of what opened your doors to the hacker past your email getting hacked firstly. I'd sue Google firstly 😅
@laceyjoe5933 Your comment was inappropriate and apathetic! She was scammed and this had nothing to do with religion. You are a part of a larger problem in this country about religion.
It's a shame whenever there's a problem at Bank of America they won't do the right thing until the customer's issue(s) make the news. I speak from experience in this.
I can't praise you enough for being here for the victims! Thank you so very much *STRONGWIDGET* !!
You guys are Superheroes!!! Thanks for looking out for all of us and especially our elderly because they appear to be the most vulnerable. You guys are Aces ❤
No BS, my bulletproof way to prevent this from happening is to have $0 balance in my account
That works every time.
I would also recommend that you place a "credit freeze" on the three credit agencies, that way no one can open a loan with your information.
Yeah try to have less as I can on my two bank accounts, rather keep cash in my safe.
Put most balance in savings not checking make bank have to contact you if transaction over $1000.
Also, if you don't use your cc often, go into your bank app and lock the card. That way, if someone gets the card info, they can't use it.
THE PROBLEM IS NOTHING IS DONE TO THESE SCAMMERS WHEN THEY GET CAUGHT…
that's not true, they face serious charges. Unfortunately they rarely get caught,
Except most of them are overseas in some foreign country, Lagos, Russia, whatever, we can't do a damn thing about some petty criminal living in Lagos
@@HobbyOrganist not in this case, someone went to a physical store to buy the new phone with the sim card
In Russia, Turkey, Albania, Uganda?
Same issue with criminals on the street, they rob and steal and nothing happens to them, but the GOOD people get screwed
This is Verizon doing this. A simple check of this person's identification should have pervented this. Verizon needs to be investigated by the FBI and then maybe they will do something about it.
Verizon is THE WORST SINKHOLE OF EVIL
But Trump and Marjorie Green want to defund the FBI.
Have you not noticed that the, FBI is CORRUPT!?!
Inside job
You mean to tell me that someone can just walk into the phone store and say that my phone number is their phone number and completely lock me out of my phone and steal my identity? This seems like the phone company’s fault, so the bank is probably going to sue them to recover that $17K, but something needs to be done so that someone’s identity is not so easily stolen.
The bank won’t do anything. They will just raise rates and fees. If it came out of their pocket they would clamp down on this crap.
No, phone service is just that...phone service. It was never sold as a way to security your bank account. The banks came up with that and it is flawed yet they continue to do it.
Basically yes. But typically the person calls the phone company with a story like, "I dropped my phone in the ocean- etc. I bought a new one but I need you to set the new phone number to this new device I bought." Once the phone company switches your number to their phone they typically try to log onto your bank and say they forgot the pass and to please send the new code via text - to the phone number that they have just hijacked. It is scary.
I have Bank of America but they will not allow me to do large purchases/withdrawals without me being at the place - This is terrible.
First the scammer needs to know a person's phone number, their ssn,their full name, and their bank account number or login name. And they needed to have the drivers license/ID card. And they needed to look like them.
And this story is claiming the scammer passed all of that and got away with it. The bank and Verizon screwed up then. Something's not right.
@@marshallhughes4514 I am not understanding how they got past a two step verification process. Can someone explain?
I know someone who was sim swapped by employee at AT&T. They lost $220k, AT&T kept saying they were not responsible for what there employee did after lawsuit it was settled out of court.
Sim card is an inside JOB at Verizon or your cellphone provider.
oh, that makes sense, that's why I got confused at first
The few times I've purchased a new phone at Verizon I had to show my ID and my old phone. Of course someone could claim the phone fell in the river and present a fake ID, but the point is Verizon did require something,. Now what Verizon did with that verification is another question, they might have just looked and said, "OK",..
The carrier probably didn’t ask for her PIN number?
7/11 was an inside job.
Bank of America is just as much at fault. If a customer is reporting such an issue which also prevents them being authenticated on the spot, they should have put a hold on the account to secure it until the issue was sorted.
They should start holding banks responsible for allowing fraud to be so easy for scammers versus the actual account holder.
Here in Australia, all banks are required to take full responsibility for any fraudulent transactions, whether at fault or not.
We have many more useful protections than the US.
In this case, I don't think the bank is responsible. You still have to log into your bank account. She clearly allowed her app to auto log in with prefilled id and password. She probably assumed her phone is locked so she doesn't need to worry about passwords in her app.
@@TransConBrilliance Good point, but how is it that they can deny you access to your own accounts versus someone else?
It's always the women
@@OpinionFactChecker She was reimbursed by the bank you can keep your "protections"
Thank you for letting us know that two point authentication is irrelevant.
She is using 2 factor authentication by her phone not using google, Microsoft, 1 password authenticators.
The 2 point authentication with my coinbase account is what allowed the thieves who swapped my SIM to get control of my coinbase account. It is relevant.
@@cryptotaurus333 Tell me about the method you used, did you disabled SMS and used a third-party app like google authenticator? Did you use only authenticator, or did you use both?
2fa is not the weak link, it is your sim card....hint: google voice has no sim and is attached to your google account. You can lock down your google account with advanced settings and physical security keys. Google voice and gmail ar nearly impossible to crack when set up correctly.
Shouldn’t Verizon take responsibility for this? They should require proof of phone number ownership before giving out a new phone.
No because it's not Verizon's responsibility to provide secure access for banks.
Verizon is responsible for getting her number back to her phone, and for giving her a refund for the month she didn't have that number available. Why would they be responsible for her bank's failure to properly identify the bank's customer?
@@stefanpuffer Two factor authentication was used. Had Verizon not provided a phone to someone without verifying they were the owner of that number, this wouldn’t have happened. I’m no Bank of America apologist, I closed my accounts with them ten years ago and will never go back. However, what is a bank supposed to do if the security features are used as intended? If I respond to a phishing email with my login information is the bank responsible for the person who used the information to transfer money out of my account?
@@lindamurphy3969 besides two factor authentication, the scammer needs a lot of other information. Where did they get this information?
the biggest problem is us. We demand things be easy to do and we do not want to have to go to the store to do anything. People want to place and order online and have it sitting at their door step when they get home. Can not wait until the next big thing people start trying to get stopped will be all the waste from getting all this crap sent to our homes. They want to complain about all these plastic sacks but forget how much it takes to ship to your home. This would be a big issue to places like amazon that only ship to you. Maybe brick and mortar stores would make a come back and people would stop being lazy
Verizon has to have to video of the perp. Also, that perp had to transfer those funds somewhere, which can be traced electronically.
You know the video shows one of their own employees doing it so you know they aren't coming forth with said video.
The money goes out of the country within hours. They use Western Union.
@@isabellaflorentina7574 Yep, sim swaps are almost always an inside job. I worked at verizon a while back and some of my coworkers were extremely shady characters, not to say that any other carrier is any different but I saw some shit there. Sometimes it's just a lazy employee not following policy on verifying ID/account PIN, but most often it's an employee getting paid by the scammer to do the swap. Which is just INCREDIBLY stupid since the company not only has CC TV in every store but can easily track who logged in to the system to process the swap. I can't understand why anyone would risk their livelihood and freedom for a bit of money, but lots of people aren't exactly critical thinkers nowadays.
Hey bud, I just wanted you to know that everything you do is necessary and thank you so much for what you do. It's more than just a recovery service, you're helping people. You're actually the push for me to get my degree in Information Technology so that I can protect people from heartless people like this.
Thank you for all you do *Strongwidget,* you're a genius with a big heart and principles. Support and Respect from Britain .
This is unacceptable and both financial and mobile institutions should be held accountable. No one needs this bs these days among other things people have to deal with.
If BofA really took this seriously, they’d ditch sms authentication.
This man really Hit the ground running and hasn't stopped yet. He gives us more understanding of him without interviews and negative antics he just shows us who he is through the Recovery. True living legend. We salute you.
Incredible recovery. The Execution, creativity, and goodness that came from it were inspiring on a number of levels. Cheers *Strongwidget* & looking forward to seeing what you do next!..
This happened to me more than 10 years ago (not $$ theft part). My phone suddenly was 'no service'. Went to AT&T and they revealed that another store had just given my phone # to someone else. What was crazy is I had to prove who I was AND give them a PIN to get it restored back to me!
Idiots
I think they were right to ask you for your ID, but it is strange that they gave out your number to someone else.
@@joshr8666 that’s my point.
How is that even possible?
@@karami8844 Corrupt phone store employee.
People are so evil to do things like this !!!
🙄 this is #AMERICA 🙄 a Nation built on thieving, thieves, deceit, dishonor, disrespect and evilness🪑🤦♀️🤔😩🛑
basketball americans literally have rap music about this stuff and how to scam look up scam rap
I looked that up. The depths these people sink to is astonishing. When a culture values crime as "aspirational" it's well and truly fucked. Absolute trash.
"basketball americans" smh @@icespeaker81
This is why I never put my banking information in a stupid telephone or computer every company is sharing and selling our person information to the highest bidder
the news didn't do a very good job explaining and made it sound like the scammers withdrew money only by swapping the service on her phone. The scammers somehow had her banking credentials as well.
@@kalidileriousprobably through a cloud for her phone like icloud
@@jtika1978but how were they able to login to her iCloud when setting up the phone without her password? There’s so many things they would need to pull this off that the news report doesn’t mention
This is the phone company’s fault, and not the bank’s: They must require absolutely bulletproof ID before issuing new SIM cards, and we all need to be prepared to provide such ID on a moment’s notice.
Actually I blame the bank because they are relying on the phone company to provide account security. Any expert will tell you to not use text to your phone as an authentication method. Unfortunately many banks continue to use this insecure method to protect accounts and that is wrong.
@@stefanpuffer, your point is reasonable, but I don’t think many consumers are sufficiently familiar with, nor even aware of, other alternatives, to be able to deploy them widely.
Why would that be the case? The bank is relying on random third parties (phone companies) to provide identification and authentication. That's terrible. The bank should be providing alternatives, and they should be responsible for making you aware of the alternatives.
@@mr88cet In some cases though there aren't many alternatives to do 2FA although for example, I do see that Microsoft is employing a 2FA app that people would use to authenticate their accounts versus getting a code on their phone via text. This would be a good step in the right direction but not all banks or services have these apps or have signed up for services that provide this.
No, stop encouraging the surveillance state. Privacy is more important than anything. The issue is forced 2FA.
So was it done by an employee?
Most likely yes
@@ceo2586 life in prison
SOME OF THESE BANKS ARE NOT DOING ANYTHING.
The problem is you have to give the pin to the Customer service of your cell phone company over the phone. That's a problem because it sounds to me like Employees working at such places already have access to your information or could be recording it when you are telling them over the phone and using it down the line or even selling it to someone.
Very true. There is something "fishy" with this on the phone company end.
The lady should sue the phone company.
If phone companies could get into legal problems from situations like these, they’d quickly enact policies to combat this type of fraud.
The phone company never promised to keep her bank account safe. They should be responsible for getting her phone number back to her, and give her a free month of service for the time it wasn't accesible.
@@darrennew8211 No but the phone company *IS* responsible for not performing sufficient identity checks before changing the SIM card number against the phone number.
So they are liable.
@@deang5622 They're liable for getting her phone number back and fixing any phone problems arising from that. They aren't responsible for what the bank did with her phone number. It's not their job to serve as an identification platform for financial services.
In Corporate America, the only policies that would be enacted quickly would be ones to protect the phone companies from lawsuits. Who do you think the law makers work for?
Phone service providers should need to require authentication for sim swapping. They are the weak link here.
Exactly! 👍
Banks should not rely on phone service providers to security their account. The banks are the weak link here.
Cyber HEROES!!! That’s what you guys are. ❤️THANK YOU THANK YOU THANK YOU ❤️
*PLEASE READ THIS:* Hey *STRONGWIDGET* Don’t listen to the Stupid trolls complaining about what YOU do! WE clicked on to YOU... we all know you rock, we get get your 'help' humor.
Don't waste your time trying to get the general pop to understand, they'll never 'get it' and they'll just bring you down., Keep being you, you are LOVED.
This sounds like an inside job. How would the scammer know her phone #, that she banked at Bank of America, her account #, and that she used TFA?
They also need the PASSWORD before two factor authentication is started. Hmmmm.......
if you ever write a personal check, chances are you are giving out your name, address, bank account #. Your phone number can often be found out via public web. And if you use weak password for your account, game over.
It usually sucks to have no money, but in situations like this it works to your advantage!
Dear Smirk 2452: Life isn't that bad after all, eh?
🤦♀🤦♀🤣🤣
Seems like Verizon should be responsible not the bank.
It's fake news
Everytime I've been in a Verizon store, they check ID before they'll even talk with you.
So do bars and nightclubs. IDs are useless, I thought most people realize you can print one up on in 3 minutes. An ID is just a useless artifact from the last century. A total joke actually ;-)
I've been switching phones and phone carriers for years. I always port my number to my new service, and whenever I do, I need a special pin code to do this. I'm surprised the scammers were able to do this without that pin code.
Phone companies then should be held accountable for not making sure that person is the rightful owner and pay all thefts.
Why doesn't the phone company call the number that's being requested to move? Just to check?
When your money was transferred to a scammer's account in another bank, couldn't they catch the scammer and recover the money?
Exactly! It's all bullshit
Was wondering that too. I know 10 people personally that have been victims to that bank fraud calling scam with the code. And if that money goes into an account I don’t know how he FBI can’t make arrests !
No, and it doesn’t make sense. Be careful with Zelle too. The bank says once they wire money you can’t get it back EVEN though the bank put the money in that scammer’s account. Makes no sense. They say their account is probably closed by now, they won’t even try to retrieve it. Lost lots of money scammed by an online “job”.
This are the inherent Dangers and weakness of Banking with your Cell Phone.
Banks need to stop using phones as authentication. They need to use email and authentication apps. SMS is not reliable.
Yep. Using a cell phone number as part of 2 factpr authentication is not a good idea!
I don't. Never have.
Breathed a sigh of relief for this woman when I saw that Bank of America reimbursed her for her loss. Now it's time for Verizon, Bank of America and other phone companies and banks to up their security measures and procedures game.
There is information missing from the news report. How did the thieves get her password? Two factor authentication usually comes into play after a correct password is entered. And even in the rare case that authentication is done immediately after entering a login id, a correct password is still required to access the account. Something is fishy about this situation.
I agree. I think somehow they first got her banking info and then did the sim swap.
They did not say if she had a password saved on her phone, but if she did, that couldn’t have transferred over to the new phone, right?
I think they either had to have used phishing/a virus to get her info or they discovered her password in a data breach.
So do you she had the bank app and that’s how they got her info
If 2FA is through SMS, a sim swap gives you access to everything, including e-mail and changing your passwords. If she had a dedicated 2FA app or token, this wouldn't happen.
Lawsuit against The worst bank in USA Bank of America
They all ready have one
I just did my deposition on May 2nd
We take identity theft seriously, once you contact my manager's manager and get declined and have to file a lawsuit to get us to do anything.
The real problem here is, banks like BoA don't allow you to use ONLY an authenticator app for 2FA and disable texting as a method of 2FA. I don't like law suits, but this problem is so prevalent and the solution so stratit forward, maybe it's time for a class action suit to get the banks to make changes.
Yep, if I had my way, I'd only have something like a FIDO enabled token or one time key. I think it's worth having 3 of those keys, two as master keys that can unlock any of the accounts and never leave the house and one for just a couple accounts where you may need to log in again when you're not at home. The keys themselves aren't that expensive and far more secure than what you'd get from SMS or email. Both of which travel over the network unencrypted and could potentially be eavesdropped on. (Admittedly, the likelihood of that happening in the time before the code expires is relatively small, as long as they haven't tapped your device to see when it's being received and using it in the meantime)
@@SmallSpoonBrigade We had a great hack where I worked, before everyone switched over to yubi keys. The pretty young girl calls up and says "I don't have my phone with me. Can I send my code to your phone and you read it to me?" And of course the code he reads is the code of his own account sent to his own phone. You really need something that can't be phished.
They also require a password to be entered. How did the scammer know she banked at BofA?
@@kenough I'm guessing it was an inside job all around.
@@kenough once they have a sim card for her phone number, they can reset her password to whatever they want.
I can understand how they got control of her phone number but there has to be more to the story. They would also have to know which bank she deals with, her account number and her pin number.
I have a sense she got one of those fake emails telling her that there was some problem with her account and she needed to log in. That would provide the criminal with her bofA user ID and password and phone number (if she is not yet enabled two factor authentication)
By going to Verizon and buying a new phone without checking for id which gave them the access to her number and phone. I’m betting it’s someone at Verizon.
They said all this in the video guys lol
Also, if you ever need to "recover" your password, it takes the 2FA to gain control and change the password, which uses either your phone to text a code or an email address to email the code.
So all someone really has to do is get your phone number and your email address. Then they can attempt to get your sim.
Once they have that, they can go to your accounts -- email, bank, utilities, you name it -- and start changing things because they are, thanks to today's technology, in effect, you. All the verification codes you would normally get are now going to them. Your service on the phone in your hand is dead, so you aren't getting those codes.
As far as I know, the only way to protect yourself is to immediately contact your service provider to see what you can do to lock the SIM down, using authentication apps, and using a unique login name or email address that you don't use publicly just for your banking, shopping, and service provider logins
Well, that 17K was transferred to a specific bank, with a specific account number associated with a specific name! That’s where the investigation should start. Am I missing something?
Exactly. I don't think the news reporter completely understood what happened. They just made it sound like if someone swaps your sim card they have access to your funds. It don' t work that way.
I could be wrong, but this looks like a Verizon problem. On my cellphone carrier account, I have to use a pin code and password before anything can be done. Either way, scammers are getting better everyday...
Never use my mobile to buy anything.
This didn't happen because of how she used her phone or which apps she has. It happened because her identity was compromised and she used text message 2FA which gave them access to the code. This is why any secure account should use a 2FA app, not a text message 2FA.
The phone company need to be sued!
The sad thing is, the insurance companies for these banks never go after these criminals. Someone ordered a debit card in my Mothers name and paid their bills. They could have simply found out whose utilities they were but, didnt.
Tell your mother to check her bank account EVERY DAY and set up a notification option. My credit union notifies me every time there is a transaction over $25. Annoying, but less annoying than someone using my account to steal my money.
Had this happen to me in the UK. Started with getting multiple dropped calls to my phone, before I got an email thanking me for reporting my phone as stolen. My phone was right in front of me, but when I looked at the screen it said ‘no service’. Within an hour they’d taken everything out of my bank account, and tried to set up Apple Pay. A horrible experience.
I don't normally post comments...but you guys were Ana's angel. From the depth of my heart, thank you *Strongwidget* for protecting our most vulnerable!!
Thanks so much for the hard work, you do on this world. I been watching you for, a while and amazes me every. Time when you save someone that has being Scammed I wish you all, the best saving more people
$17k in her bank account ... how many can say they have that much TODAY ??
I can. But I just transferred it over to savings. 🤣🤣
All very well to be aware of this, but is is the SECOND factor. The first factor is knowing the victim's bank account number AND their online password to log in, AND their phone number. None of these many videos about sim swapping even mention how that primary breach happened in the first place.
rtel123, totally agree with what you're saying. I expected more on how the thieves got certain information like that.
So in other words, it wasn't just the phone number. Someone had to have gotten where she banks at, the account number and the password to give to the phone company.
Wouldn't they need to know her account password for Verizon as well.
Scary stuff regardless
The first factor is the password which can be reset using the phone number. They text a link to reset it. Then they send a 2FA code. This is why 2FA is basically worthless unless you are using an authenticator app. Never use text 2FA when you can use an app.
Yes, this story was terrible.
@@C_G1443 Hmmm, I thought password reset is via email, not phone?
No questions for the bank as to why they initially refused the obvious claim? This is entirely between Verizon and the bank.
because somehow they had her credentials to log into her account which had nothing to do with the phone.
P.S. That wasn't suspicious to Verizon - that someone who lives in Maryland was purchasing a new phone in California?!? 🧐
People move. They probably verified her info (which was stolen from her).
Many suspect insider job. Scam rings paying off employees.
The phone company doesn’t verify that the buyer “owns” the requested phone number?
insider help with access to her info
They obviously thought it was her. They must have stolen her identity and pretended to be just buying a new phone.
Sounds like Verizon is responsible for this if it’s that easy to use their system for fraud.
You want to tell me why they can't track the phone and make an arrest?
Phone companies by law should be required to verify and record the identity of the customer and employee that conducts a sim swap. Once there is a trail it will help catch these scammers. Only then will these identity theft cases will slow down.
Correct and excellent explanation of what is required - at the least - in order to stop this kind of rip off.
Banks shouldn't do anything without the person being at the bank with proper ID
so that means international wires, sending a check to anyone and then not being there with them to verify u sent it to them when they want to cash it? did u even think about that before u said it lol
@@jackson_craft_gamingscates9324 you idiot, they don't have to be there at the SAME location, but they need to show up at their OWN LOCAL bank to DO and VERIFY the transaction, at least with large amount like over 10K, so that they have records of who's sending and who's receiving, in case of thefts, which are prevalent these days.
@@jackson_craft_gamingscates9324 No, the person sending the check would be there with ID. Did YOU think about that before "u" said it? Clearly not. He never said BOTH parties had to be there but maybe the ONE party draining her entire account show show an ID first, genius?
It's fake news
Just like voting
Humanity continues to be 🚮.
I worked at a major cell company for a long time. The store personnel work on commission or low salary plus commission. The store employee had more incentive to sell the phone than to check to make sure he or she had the correct customer. This is why the store person neglected to check for the passcode on her account.This allowed the customer to be hacked.
Sim swapping should be a life without parole kind of crime.
No
We need to close the border and mass deportations entire bloodlines with first 2 generation's cause they all came illegally at one point
While murderers get parole? You must be joking.
@alexshank1414😂😭
That penalty is kinda steep. Nice!
The dude is just not fakeing . The finishes of the goals. Beautiful. Magisterial. Love you *Strong widget.!* 🙏🏼 Whoever's reading this, I pray that whatever your going through gets better and whatever your struggling with or worrying about is going to be fine and that everyone has a fantastic recovery! Amen
Magic isn't real - stop with your spammy BS
@@stevenpike7857 it’s not spamming
Two-factor authentication means two factors. So, either this woman's bank password was known to the attacker, or the attacker called the bank and convinced them to change the password, which I would think is unlikely. If this woman uses the same password for everything and her password was in a data breach database somewhere that would explain how this happened.
True about if she uses the same password, but...
"or the attacker called the bank and convinced them to change the password, which I would think is unlikely. "
You know what a bank does when you call them to reset a password if you have two-factor auth?
They use that two-factor to verify you... The password is the easy part to reset if they have the SIM.
What is a bit trickier is the username... How did they get her username?
I agree with the data breach being a probable issue here, and she probably also uses the same username for her accounts...
Especially for financial accounts, not just obviously don't use the same password, but don't use the same username to log in...
I totally thought the same thing. If her phone number was stolen, that’s one part of two factors needed to get into her accounts, so how would the thief get this other information (the password)? The only way I can think of is if they knew what bank she banked at (but how would they even know this?), called them as another commenter wrote, and changed the password.
Exactly......The crooks had more than just her sim. She likely caused the real problem.
gr8 comment y helpful replies grazie Tom Doody middle-age American living in New Jersey near the Lincoln Tunnel
@@desiv1170 They also need the other information about your account though, such as your account number and name. Just having your phone is not enough.
This is just one more reason why I hate using a cell phone. It is hard to keep up with all the latest scams. I thought land lines were bad, but cell phones and computers make land lines look secure, in comparison. And because there are also land-line scams, I had to switch to extremely limited service so someone couldn't use my land-line number to call someone overseas or out of my calling area.
Hello how are you doing beautiful lady. I hope you are doing good. I'm Fred from Minnesota, nice to meet you here. Stay blessed 🙏🏼😇
Only people who didn't come from RUclips are worthy of liking this *Strong widget* 🏆 what a journey it’s been! this £200,000 recovery has been an inspiration to us all, congrats!!! ❤️
There is an easy way to stop this- don't do internet banking.
We need to mandate that any bank used by criminals in a scam must refund the money to the victim's bank. The the criminal's bank can recover the money from the criminals. We must also mandate full investigation of these scams with mandatory very long sentences of no less then 10 years of hard labor on a first offense. We should bring back chain gangs.
I thought sim card swap is only in Africa, so it is also in the U.S.??? People need to be careful online.
"It all started with this email". That's all I needed to know. Stop clicking links in emails.
when it flashes up on your phone and you inadvertently click on it
As far as I can tell, she didn't click on the link - the email - which was a notification regarding the new phone - was the first sign to her that someone was doing something wrong with her account.
It was an email thanking her for buying a new phone
Phone Co. & Bank should both be held accountable ‼️They are probably in it together ‼️‼️⚖️⚖️🙏🇺🇲🦅
Interesting, someone went into the Verizon store and bought a new phone on her account and they didn't say if the employee that helped the scammer checked the persons ID. Unless they had a fake ID with her name on it, Verizon is 100% liable and the employee should be terminated. I worked in two cellphone stores and you NEVER touched a customers account wothout a government issued photo ID. I watched several people get fired for this.
This is why we should be able to keep our cell phone numbers private!
How is anyone going to call you then?
Could get more than one number. Port one to Google Voice, get a second that's private.
My cell phone number is probably in 100s of places things like my medical care appointments
THANK YOU FOR BRINGING THIS TO LIGHT I NEVER EVEN KNEW IT WAS A THING.
It's not this is fake news
my biggest question - how didnthey know she was a good target, as in someone with actual money to steal? maybe they scoped her out as in nice vehicle, etc ?? man what a mess !!
That's a very good question.
She was probably a Social Engineering target. 😞
Scammers cast a huge net and wait for someone to take the bait…highly doubt she was a focused target of interest, just someone who came up as a potential target that they then focused on.
And how did they know her phone number? How did they know where she banked? How did they know her user name? How did they know her password? Silly story. She told them all this information.