General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsThieves are stealing your cell phone number to take your money
In less than 15 minutes, my dad had his cell phone number stolen from him and had his bank account hacked into, all while he watched as his email alert him every step of the way.
It appears that his T-Mobile cell phone number was used against him, ported to an account with Metro PCS, and then used to allow a thief to gain access to his online bank account.
"I was on the phone with Wells Fargo as the money was being transferred," my dad Mike Zelinger said. "As I was waiting, I was receiving emails from Wells Fargo saying that this has been completed, and your transfer has been completed."
What my dad is going through does not appear to be isolated. Customers have complained on Twitter and Reddit about their phone number being ported elsewhere and then used to gain access to bank accounts.
Link to tweet
Link to tweet
http://www.king5.com/article/news/thieves-are-stealing-your-cell-phone-number-to-take-your-money/281-501725049
Apparently their was a data breach at T-Mobile. That said I have an account with Wells Fargo. Were they able to transfer the app when porting the number? There are a few steps one goes through to set it up on a new device.
applegrove
(118,677 posts)Lars39
(26,109 posts)via your bank.
MontanaMama
(23,319 posts)EVER.
Agschmid
(28,749 posts)MontanaMama
(23,319 posts)I said don't bank on your phone.
Agschmid
(28,749 posts)This has everything to do with a breach on T Mobiles part.
L. Coyote
(51,129 posts)Make sure your computer is password protected. Even a burglary can move your money without stealing the computer, and it looks like you did the transfer. Also, place tracking software on your devices in case they are stolen.
RKP5637
(67,109 posts)various apps, etc. Tools like Sophos help some. https://www.sophos.com/en-us/products/free-tools/sophos-mobile-security-free-edition.aspx That said, many companies are damn lax with security. Tools can only help so much.
FM123
(10,053 posts)RKP5637
(67,109 posts)PragmaticDem
(320 posts)PoindexterOglethorpe
(25,861 posts)Never had a problem. It's vastly easier than writing out checks and making sure they are mailed in a timely fashion, especially as I travel a great deal. For someone who never leaves home, checks might make a lot of sense. But not for lots of people.
RKP5637
(67,109 posts)with technology, so I've agreed with her, she should not use it. She also has minimal transactions to do, so snail mail and checks plus a local bank work well for her.
gratuitous
(82,849 posts)But at least I don't have to worry about this nonsense.
Brainstormy
(2,380 posts)Never had trouble with online banking, but had my account wiped out by check when my purse was stolen.
Blue_true
(31,261 posts)But these phone attacks seem to be new. I wonder how banks will adjust? Maybe requiring customer verification using info only the real customer knows.
RKP5637
(67,109 posts)and routing numbers are right on your check, plus usually your name and address, plus your signature.
BigmanPigman
(51,608 posts)I use stamps to mail my monthly bills on time and will continue to do so. I was the only teacher at my school site who didn't get their pay automatically deposited into their account. The office staff was always pissed off at me since they had to put my paycheck into my box and I had to sign for it. Tough shit!
Duppers
(28,125 posts)George II
(67,782 posts)Brainstormy
(2,380 posts)Mine are fifty bucks.
riverwalker
(8,694 posts)I dont understand, how can they get in your bank account with a cell phone? Can someone explain it to me like Im 66. ?
Skittles
(153,164 posts)LuckyCharms
(17,441 posts)Skittles
(153,164 posts)*EGREGIOUS*
Yo_Mama_Been_Loggin
(108,010 posts)Hence my question can the apps you had on your old phone automatically transfer to the new if you change carriers. Seems T-Mobile would have to make that info available.
But the app is the first step. I have Wells Fargo and there are a couple more security steps that need to be taken when you use their app on a new device.
The hackers must have been pretty clever or T-Mobile provided too much info without verification. I lean towards the latter.
mackdaddy
(1,527 posts)At least for Android. When I bought a new phone last year, as soon as I put in my gmail info, it downloaded all of my contact information and apps from my old android phone.
I am assuming that it is similar for other OS, like apple and MS.
I would think that you would have to hack the gmail, but often it seems that your cell phone is a point of contact for backup and password change messages so they may be able to get it that way. Of course maybe T-Mobile also has your gmail password and it is part of what was hacked.
Egnever
(21,506 posts)That is how mine is set up. I get a text with a code and enter that in the bank website to authorize the password change.
It is typically a very good way to add security to your account. Unless of course your cell gets spoofed like this persons apparently did. Then it opens up your whole life.
This is the first time I have heard of this but it makes sense. It is hard to stay secure and as soon as they figure out a way to make things more secure people find more ways to beat them.
In general though two factor authentication is a good thing. That may be changing though.
onlyadream
(2,166 posts)mantis49
(813 posts)N/T
Initech
(100,079 posts)I don't have a Citi Visa card.
Yo_Mama_Been_Loggin
(108,010 posts)Initech
(100,079 posts)But their reporting methods are a bit questionable.
JustAnotherGen
(31,828 posts)There is a team in Fraud specifically assigned to the scenario you presented.
WillowTree
(5,325 posts)spoof@citicorp.com
Egnever
(21,506 posts)apparently you can set up port validation with T-mobile that will make it much more difficult for someone to do this.
If it is something you are concerned about and you use Two factor authentication for important accounts it would be a good idea to get it turned on.
Porting numbers is something we demanded as consumers. Interesting to see it turned on us.
ecstatic
(32,705 posts)If I recall correctly, they forced a password change the other day. I wonder if that's why. But depending on what was stolen, couldn't the hackers regain access by another means?
PoindexterOglethorpe
(25,861 posts)Was it banking via cell phone? Stealing of a cell phone number? A problem with T-Mobile?
I bank online, have for some years now. Love it, because as soon as I get a bill I go to the computer and set up the payment. I do a fair amount of travelling, and trying to make sure checks got mailed in a timely fashion would be unwieldy. I also have most of my bills set up as either direct debit from my checking account, or as a charge to my one credit card. I should probably make all of my bills that way, other than the said credit card, which I could set up as auto pay.
For what it's worth, I don't have a smart phone, and stories like this make me very disinclined to ever get one. I have a basic cell phone that I can text with and so far that's been good enough.
Kablooie
(18,634 posts)What about passwords and personal info?
Don't you need that to get access?
bathroommonkey76
(3,827 posts)My long distance carrier and my plan was upgraded without my permission.
Right before this happened I remember trying to log onto my ISP account and the page took me hundreds of users in my area. All of their banking information, social security numbers, phone numbers, and home addresses were all visible on my page. I didn't think much of it and logged out of my account. lol I'm pretty sure my account was hacked along with everyone else on their site.
Liberal In Texas
(13,555 posts)Banking should be done from a desktop with a crazy password you keep in Keypass. Never put this on your phone.
These phones and tablets are not a substitute for a computer. They are just portable devices to get email and check the news.
DFW
(54,399 posts)My outfit demanded that I carry one while in the States, but aside from Uber (which I almost never use), I have no "apps" on it except for using it as a.......TELEPHONE! Last time I was in the States, I swear, I got the impression that half the people with "smart phones" didn't even know the things could actually be used as a telephone as well as all that other stuff they use them for.
I don't even use Act Blue any more. Their software is faulty, and they grab 3.95% for themselves out of every contribution made, and then have the audacity to ask for a tip every time. I just send checks on my U.S. account. That costs me all of a 0.90 stamp.
RKP5637
(67,109 posts)apps are extremely invasive. And some apps are sometimes resold to criminals for phone hacking. There are tools to help some with this. One is Sophos, for example. https://www.sophos.com/en-us/products/free-tools/sophos-mobile-security-free-edition.aspx