SIM swap costs woman $17K in scam you need to watch out for

SIM swap costs woman $17K in scam you need to watch out for،

Sharon Hussey of Bethesda, Maryland was scammed out of $17,000 while using two-factor authentication (2FA) on her phone. With 2FA, before you can open an app, you must enter a code that is sent via SMS to your phone. But there are ways bad actors can get around this problem, including through a technique called SIM swapping. With that in mind, let's look at the unfortunate events that cost Ms. Hussey $17,000.

According to WJLAABC affiliate in Washington, D.C., Hussey received an email thanking her for purchasing a new phone with Verizon. Shortly thereafter, Bank of America informed Hussey of certain changes to his account information. The problem is, Sharon didn't buy a new phone from Verizon, nor did she change her Bank of America account information. When she tried to call Bank of America to find out what was going on, she couldn't make the call because her phone was disconnected from cell service.

Once the thief had his SIM card in his phone, he received all the codes generated by 2FA

When she tried to use her computer to access her Bank of America account online, she couldn't because 2FA required her to enter a code on her phone that she could no longer receive. And within minutes, $17,000 had been withdrawn from his bank account. She told WJLA: “At first I didn't realize what a big deal it was. I thought I had it taken care of on the first day by calling the bank, calling Verizon. Figuring things out,” Hussey said. But as she added, “And the bottom kind of disappeared.”

SIM CARD ALERT: Sharon Hussey, who lives in Maryland, lost thousands after someone entered a Verizon store in California and got a new SIM card using his phone number. She breaks everything down. @7NewsDC pic.twitter.com/C8vKJX2wM0

— Scott Taylor: 7 News – WJLA TV (@ScottTaylorTV) January 24, 2024

What happened, according to the victim, was that someone walked into a Verizon store in California and purchased a new phone using Hussey's current phone number to activate the new handset. As soon as the new phone was booted with a new SIM card, connected to Hussey's phone number, Sharon's phone broke. Although she was able to contact Bank of America via a landline, it was already too late as her $17,000 was gone.

Part of the reason Hussey was so vulnerable was because she had 2FA enabled. Once the thief had a new SIM card for his phone in his phone, all the 2FA codes were transmitted to him, allowing the thief to easily open all of Hussey's apps on his newly purchased phone. Hussey realized this herself when she said: “And I have a two-factor identification that ended up biting me in the face in the end. That's what completely sidetracked everything. They had full control of my phone and there.” I couldn't do anything about it. »

Alex Quilici, CEO of YouMail, a visual voicemail and robocall blocking service, explained how SIM swaps work. “The bad guys convince the phone company that they have the SIM card for your phone number and as soon as the phone company makes the swap, they control your number,” Quilici said. “If you do two-factor authentication on your mobile number everywhere, if someone else gets that mobile number, they can authenticate as if it were you,” he said. -he adds.

For three months, Bank of America refused to credit Hussey for the stolen $17,000. Ultimately, the bank changed its mind and refunded the $17,000.

Verizon recommends you do some things that can prevent you from becoming a victim of SIM swapping

To make sure this doesn't happen to you, Quilici says: “The first thing is to make sure you get a PIN or number porting PIN from your carrier. This requires a special code that hopefully only you need to have. be given to the operator before proceeding with the SIM card exchange.

Verizon also offers a list of things you can do to avoid becoming a victim of SIM swapping:

Use strong, unique passwords. Don't use the same passwords for your social networks and your financial applications. Despite what happened to Sharon, Verizon always recommends enabling two-factor authentication wherever it is available.

Verizon said you should be wary of unsolicited texts, emails and calls. If you detect a sense of urgency and sense that the other party wants you to act immediately, do not respond to the message and delete it.

If you receive a message from your carrier that your service is disconnected and you did not request it, call the company from a landline as soon as possible to determine if the message is legitimate. If you stay alert and cautious and greet text messages that seem “abnormal” with skepticism, you can give yourself a fighting chance against a SIM swap.