Can easily be fixed if phone carrier requires you to be physically in their stores to swap sim phone…no calls allowed to swap sim. You have to be in store showing valid drivers license to do it.
@@graceoverall Doesn't matter how much the attorneys take. The point is to force phone carriers to improve their security to make it impossible for sim swap to occur.
Many people use carriers that don't exist in buildings, only online. My parents use US Mobile. There are no US Mobile brick and mortar stores. I agree that something needs to be done to prevent this sim swapping attack.
Unfortunately it’s going to take a multi million dollar class action lawsuit for the phone companies to not just take responsibility but to also stop making it easy to do sim swaps.
I had this happen to me luckily I caught it before they drained my accounts which they didn't go after my bank account because I could probably call them to get my money back but rather if you own crypto they can just transfer all of it to them as they were changing passwords. I was at my job though and had access to my work phone and called my carrier to have it all reverted back to my actual phone and not the fake phone.
Seems like people put way to much faith in their phone! I only use what is is loaded on the phone. No banking or any other extra applications. I use my tablet for every thing. Although my tablet is preloaded with a phone I have never had implemented it. Needless to say my tablet does not travel. ( This is not to say I cannot be ripped Off. Just a little more safer)
No, not banned. Just deprecated in favor of stronger security methods on financial accounts. It's perfectly fine on accounts that don't have significant financial implications.
The reason for banning is if SMS is still enabled then that is still going to be the weakest link, you only need one link to get into an account. I doubt they would offer an option to disable SMS at the account level.
It's weird because when I left Canada my bank didn't need a phone number to log in to their website in 2010. And then suddenly they're asking for a phone number.
also, these could also be inside jobs, one works at cell store, another at a bank, etc Although a lot of this tech is so automated now and so fast, that it gets done before it's gets noticed.
I just learned about this by accident lol. Simple toggle switch in my case in account settings on provider website (after creating and logging in to your account that is).
Sue the phone company for not physically confirming your identity before updating to the new sim. You will win as this is a new frontier for law interpretation.
It’s going to take a class action lawsuit in the hundreds of millions to make the phone companies take responsibility. The phone companies know that litigation is very expensive, especially for the average person. Being that a lot of your money has already been stolen, you don’t have much to go after them with.
@@lmcc0072 bs excuse - a lot of lawyers work for free to get 30% of the win settlement against a big company - you gave up before even bothering to look for a solution. You got a lot of quit in you.
I closed my account after they hit me with 8 overdrafts. The way they processed a payment, largest first, caused all the overdraft charges instead of just 1 if they would have processed them in order. I told a manager at a branch how shady that was and I had no problem paying the overdraft for the one auto debit charge. She wouldn’t work with me to reduce the $250 overdraft charge and basically kicked me out of the branch when I said I was closing my account.
All Mega banks (Bank of America, Wells Fargo, Chase, US Bank etc) are like this. You’re just a number to them, not a customer….I stopped using Mega banks a couple years ago and only use Credit Unions now. Credit Unions or small local banks are the way to go. I don’t understand why people even still insist on using Mega bank corporations.
If the phone carrier was fooled, swindled, scammed, bamboozled, whatever … they need to be responsible not only for restoring the loses to the customer, but also to make the necessary changes or upgrade policies and procedures for sim swapping in order to prevent or at least deter the practice. Their security was breached, not mine or the banks.
@@reefhound That’s true, T-Mobile calls it SIM Lock. I did mine after seeing a few videos about this issue. However I believe that should be a default setup instead of leaving up to the customer in an age where, practically our whole lives are on these devises.
@@EdithR940 Go on your carrier apps, look for setting and then, security. You should have a few options there. I’d call the carrier for help if needed.
@@Philibusting How would they set up by default a PIN that only you would create and know? They would have to autogenerate one and notify you with advice to change it but then tons of people would find themselves unable to switch carriers or sims and claiming they never got any notification of a PIN.
yup, I have that setting setup too but there also things you can do to setup additional security at all your financial accounts as well. For example, I've seen a security feature where you can setup a pin code to allow manually initiated transfers from your bank account to another bank account. You should take advantage of all the security features that your accounts offer.....Authenticator Apps, pin code to transfer money, etc. The more security features you take advantage of, the more hoops the hacker has to jump through. It's like having 10 different locks with 10 different keys. Also freeze your credit reports. That way no one can open new accounts in your name if you are hacked. My Ss number has been hacked and I immediately froze my credit reports so far no new accounts in my name.
A measure that could work is to require anybody wishing to swap a Sim card to present themselves in person with identification to the carrier. Sim swapping should not be allowed by telephone.
Or people could just live without SIM cards. I do. My phone number is one of the internet only phone number and my calls from scammers have dropped to being less than wrong numbers. Scammers don't call internet only numbers because they need victims with cell phones or at least a POTS line hookup to their house. Scammers don't call internet only phone numbers because they think it is calling another scammer. I just use an ancient phone that is jailbroken so I don't have to prove to the carrier that I am not a scammer. And then it will work for incoming and outgoing texts. It costs me ten buck a month. I can tether it to the phone provided at my job when I am away from my home wifi. And the thing is so old that anybody who stole it would be disgusted they wasted their time. They would think I was carrying a piece of worthless junk. Just like the honeypot wallet I carry with never loaded pre-paid debit cards. And the fake key ring with keys to nothing because I bought them at the hardware store as blanks. We don't need SIM card cell phones. Especially if your employer provides one.
@@TheRealScooterGuy Since all online carriers are MVNO's for one of the major carriers, I'd say they would have to contract with the major to handle it at their store. Except there is no legal requirement for even the major carrier to have a physical store.
@reefhound yes, access to live support like physical stores or offices is diminishing. This issue is the bullseye for scammers. In addition though, is the automation v. human servicing. Automated systems cost us time and frustration, repeatedly. Some critical accounts - utilities, medical practices/hospitals, any variety of physical, social, financial resources can make it virtually impossible to address, report, help or avoid the small to most devastating errors, fraud, even emergency level events.
I think some do. Tmobile will send a text alert that you must respond too before they initiate a sim swap but if you actually lost your phone, you won't be able to get a text. The only thing you can do is get a new number.
That's why I use Google Fi. Their security is so strong even I failed to port out one of my family plan's number (I forgot the port out pin). Kudos to Google.
Same. I didn't get how someone accessing my phone would give them access to my bank at first. I don't do banking through my phone. I sign out of everything I use, but I don't use my phone for sensitive information - just email.
FINALLY, a (THE) correct answer! I was an IT professional at a Fortune 100 company until I retired. I don’t use my smart phone for anything financial and never have. I have several computers but only use one of them for financial purposes and it’s disconnected from the internet when I’m not using it.
That's great but I don't see how that would help with this scam. It may actually make this scam worse because you have a false sense of security. I quit using two factor with text and use the financial apps authenticator (or a third party like Google) for verification, which is tied to a random token, not the sim card. If you are simply avoiding phone apps, a scammer can still steal your 'sim' as this video suggests and get access to your accounts.
The phone company is to blame….and so is the bank. My big question is - why aren’t these scammers being caught? The money clearly went into another account that should be able to produce the criminal. Sadly, I believe the cops/investigators don’t care enough to track them down. The banks are insured for these losses. So after being pressed by the victim, they reimburse the victim and recover the money through insurance claims. End result - scammers can attempt these crime with no risk of ever being caught. Why wouldn’t they keep trying this?
exactly. that is why banks use the excuse that it was a legit transfer when they sent the code. That is how they are able to get around it. In their minds it's up to you to prove you didn't initiate the transfer. I've seen a security feature where some banks have added a security feature where you can setup a pin code in order to initiate a transfer which is something every financial institute should implement. It would save them and their customers lots of money.
I check my accounts DAILY. I deal with two banks. Thanks for bringing this to the attention of the public. Paranoia? Nope. I have saved $1000s from fraudulent credit charges. One was a florida (i am in canada) charge of about $3000 for a BNB
Great information. I am a scambaiter and thought I knew every trick in the book. The despicable thing about this is that they don’t need to scam you they need to convince the carrier
Convenience is the root of all of our problems we face today. Our not wanting to be inconvenienced, laziness and complacency has allowed criminals who are willing to work harder than you to protect your money, steal your money.
It's the banks forcing the changes in my country. Cashless. Bank closures. Feel sorry for elderly people who cant bank. Even phone banking being phased out by some banks.
I had someone go into an At&t store, impersonate me to get an Apple Watch added and sent to them. I caught the fraud before it shipped, but I'm certain they would have done some 2FA fraud. Also, I ALREADY had an extra security pin on my phone account.
The phone company is the blame from giving the access to the numbers to the scammers instead of hanging up or asking them the questions that is very hard to answered.
New federal law as of July 2024, mandates that your carrier allow you to LOCK your SIM card. Find out how to do it, and do it but ONLY through your carrier. That is what you need to know!
Why aren't the pathetic mobile phone companies held responsible for the sim swapping? There should be a special code to switch the sim with the phone carrier.
Great video Cal. Here are some tips to help prevent Sim swaps: as he indicated use an authenticator; don’t use your common number for your banking, or financial accounts. Get a separate number only for banks; don’t use your name for the new number, use a family name, or use your imagination.😅 most companies don’t care who’s paying the bill; most wireless providers offers SIM lock, you are not using it. Lock your SIM so it can’t be ported. I know Verizon, AT&T, T-Mobile, and even Visible offer it. Protect your SIM.
I can't even get through my cell customer services. You post is god send , you gather all essential in one VDO. thank you. Why can't we take the money back from the bad guys.
Banking regulations such as KYC - Know Your Customer. SMS code is sent to one device which can be located based on the cellular tower it was connected to at the time. An auth app could be on multiple device at the same time and entered from anywhere in the world, using VPNs or IP relays.
There are scams where they call you and the number that comes up is your actual bank. It's crazy to me that these companies can't do something to stop this type stuff.
I refuse to use the cloud for any backup or run programs from it. I also don't do my banking on my phone or put my credit or debit cards on it. I use my wired computer for my finances. My view is that there has never been a lock that one man built that another won't figure a way around it and A physical lock is much more secure than this computer world because you can't be on the other side of the world and pick it.
You're phone doesn't always stop working with a sim swap. If you pick up your phone and the screen tells you to enter your pin and you never put that on your phone to begin with, then your phone has been hit. Get a new sim and PUK code.
3:24 it doesn't matter if the woman in Maryland had strong passwords or not. The issue is, as pointed in the beginning in the video, is that providers like Xfinity Mobile can just simply be convinced with the last four digits of your credit card. This is easily seen even in receipts from your grocery store. What needs to be done is to offer a well designed *Number Lock* system as well as setting and using your SIM pin. Number lock prevents your number going out with confirmation being sent to your EMAIL and not your number. SIM lock prevents your sim from being used unless you know its pin, effective when someone physically takes your sim and tries to put it in their own phone.
If only the phone company would call the phone number before doing the swap, the actual person who owns the number would answer and tell the phone company "Oh...HELL NO!".
don't bank or buy things on/through my phone. it's bad enough my "data/pii" was breached multiple times from 3rd party entities; I don't do any really important business on my phone
Another good reason is the delays of posting both deposits and withdrawals can be used against you to charge fees if you are running out of cash. The transaction with a teller protects you from predatory fees.
Great mistake. Not having an online banking account may cause for someone else to create a banking account pretending is you. Plus you won't be able to check your money regularly. It will be like not regularly checking your credit report for identity theft 😂😂
@denisseceballos2258 They have to have your banking info prior to creating an online account. If they already have that info then they don't need to create an online account.
Lol! You talk about not putting all of your eggs in one basket, but then you proceed to tell everyone to put all of their eggs in one basket with Aura.
Most phone companies have line locks that make you have to wait at least an hour before a swap can be made and they will send you a notice letting you know you just have to activate it.
Banks do not care, I remember my wife was in the process of getting money at a drive thru atm and a shootout started next to her when she was taking money out so she drove away scared, the money she withdrew was left in the atm, and the bank did absolutely nothing to help us or even reimburse any amount
The phone companies need to verify two Q&As you provide when signing up, send you an email that's on file with them for verification, and have a passcode on file when you first sign up that you must provide to them for the swap.
Thank you so much for this video it's been very helpful and informative. People are finding other ways to rip people off and rob them with out doing it physically! So sad 😢
This is a smart phone and user problem more than anything else. The best solution is to do banking on a personal computer or tablet and don't shop and bank on the same device. As the rapper Ice Cube raps, smart phone equals dumb dome. Walking around with all your financial and personal information on a single device is not very bright. People think it makes their life easier but it makes their life easier to be attacked.
If you have your phone set with a PIN code and/or facial recognition they should not be able to access your phone as the phone with the swapped SIM would only get asked to provide the PIN.
An SOS displayed on the cellphone’s upper right corner is not automatically a sign that a SIM swatch has occurred. You can encounter it when cell service is poor such as when driving through the boonies. For example, the phone my employer provides is with a cellular carrier whose coverage where I live is spotty at best. I had to request data roaming for the phone as another cell service provider has better coverage where I live.
There are bigger questions here: How did they get the last 6 digits of his debit card in order to change the passwords? How did they know he had money to drain in the first place? These are inside jobs. It's the bank tellers giving out the info. They are finding out who has money, then giving the phone numbers and debit card numbers to their accomplices so they can do the sim swap and reset the passwords. They probably give the social security number too, but all those are already on the net anyway. The fbi needs to go at the banks and the phone companies to stop this.
Lots of assumptions there. Any time you hand your card to a clerk or cashier, it is vulnerable to someone grabbing data. (A waitress in my area was caught photographing payment cards when people paid for their meals.) Additionally, they don't attack only people with thousands of dollars in the bank: People with small balances get hit too. We are simply more likely to hear about the big cases.
@TheRealScooterGuy Most people don't hand their debit cards to people these days. I never do and haven't for years. In the case that they do, how does a random cashier also get your phone number/phone carrier? But yes, a lot of assumptions. Still worth checking out. This has to stop and everyone at every step of this process should be looked at.
I agree on the inside job. I ordered checks from a newly opened Navy Federal account from the teller in the bank. I never received the checks. Because I check my balances DAILY and have activity alerts set up, I caught a check for $300 going through. I called NFCU immediately and cancelled those checks, had them create a new checking account for me and I got my $300 back. It was either NFCU or USPS that got access to those physical checks because they never made it to my mailbox. I've never used or asked for paper checks again.
Your credit card number is literally the easiest thing to obtain and the least secure financial information you own. You use them all the time and they get taken out of your sight. The biggest crack in security though is when a giant corporation has a data breach and your info, including credit card number, is on a list bought and sold online. It is ridiculously easy to get a credit card number. Please learn how this works before you claim this kind of garbage.
I would recommend contacting the bank which has most of your funds FIRST, AND do so while driving to the physical store of your carrier. Unless you live more than 15minutes away from the store. Call to carrier will almost always take longer than visiting the store.
The people who get hit by these the most are the ones that barely learn how to use their phones and how to secure their accounts because they find it too difficult to get back in. When I worked in this field the actual owners of the accounts always knew less about themselves and their account than the fraudsters
My carrier has a SIM card protection that takes about 10 seconds to do, and makes it much harder than what is described in the video. Of course, vern phone users have to set up such a thing with their provider's use interface. That's where a video like this is helpful to raise awareness.
You cannot use Authenticator apps if the banks don’t allow you to program them. Most of these major banks won’t allow it. Some smaller banks allow it, which in return have lesser features like low Zelle payments. Or no Zelle at all. These major banks have low tech security and no one is complaining to the banks.
Banks don’t want your phone number just for 2FA, they want it to sell your information to data brokers who want to marry your social media activity with your financial activity. Banks purposely leave out options other than phone number from 2FA because it’s never been about security, it’s about surveillance.
Like he said, put a pin on your phone account. Also where possible, don’t use texts for multi factor authentication, use an app such as google authenticator. Also use a unique email address for each financial account, as well as your cell phone account. Also have the only recovery method for those email accounts be a cryptographic key that you print and store somewhere secure.
This happened to my mom last year in Myrtle Beach. She was able to get to her accounts for the most part before a ton of damage was done, but this is very scary. My parents are retired and on fixed income so this could have destroyed their lives. She was near certain it was a physical attack by someone at the resort that opened her up to the sim swap
So you don’t need a transaction to take money out of your account now? How are banks or cell phone carriers not liable? You didn’t authorize the money to be taken out….
For eSIMs (or to conduct ANY account business online) phone companies (all companies, really) should require us to input a unique 4 or 6 digit code that we create. When we call these companies, we usually get a recorded voice asking for our phone number. Why not ask us to input a unique code after we input our phone number? The code would basically 'unlock' any features we want to ask for by the time we reach the customer service rep. This would eliminate humans from knowing what our unlock code is, as we would set all this up ourselves upon our first contact with the service. Also, if we go in the store and the csr pulls up our account, there would be a keypad that we would input our code before the account unlocks to make any adjustments.
Since Fall 2024, SIM and PORT-OUT can be locked by the US Carriers (preventive action is better than corrective actions). Contact your carrier for details...BTW, PORT-OUT is when a number is transferred to a different carrier...
This is easy-the thieves will claim that someone stole the phone-in which case calling the old phone before will be pointless, because the phone company would be calling a phone thief.
I blame the cell phone companies. All these services used to have to be done in person, at a store. Now they have outsourced that to software or overseas. This should all be in store only and require photo identification.
So what you’re saying is that only carriers with brick and mortar stores should be able to do business? And you’re also giving each carrier a monopoly on selling phones for their network? Also do you realize how far someone in a rural area could be from a brick and mortar store because they’re hours from a major city? Also do you understand how much more expensive all of this will be, as costs will get passed onto you? There are really simple things that can be done to increase security on a wireless account. I don’t think you understand the nature of the wireless industry though…nor how much customer abuse will get brought back from when you were forced to buy a phone that only worked on one carrier.
I don’t have alot of thousands of dollars like these victims had but I got a few. Something like this could really hurt me or someone in my position. Hopefully carriers implement security measures that can stop this completely.
There are law enforcement people who illegally gain access to our phones without needing a warrant. These phone companies allow it. It violates our fourth amendment rights
1. Stop telling people who your phone carrier is even in casual conversation...lie 2. Set up a pin # with your mobile carrier so when you call they ask for your pin always 3. Freeze your credit with all 3 credit bureaus
go to 9:27 he said call your cell phone provider and setup account pin. and setup 2 factor authentication on other accounts. the 1st 9 minutes are full of fluff easy to drag a 3 minute video to 12 minutes for watch time.
The upside of being broke , living check to check is that if a scammer gets my info they’re as screwed as I am lol but on. A serious note these companies need to do better
I was sim swapped THREE TIMES in about a year and 1/2. We ended up changing my phone number the last time (which is its own PITA) and that has so far worked. So far. Definitely have ramped up security measures.
I.D. theft protection & Instant hard inquiry alerts
Get 2 weeks Free - offers.calbartoncashback.com/Aura
E sims and Verizon ✅✅
my bank doesnt have my cell number... jokes on scammers that i have no $
The attacks aren't random
Can easily be fixed if phone carrier requires you to be physically in their stores to swap sim phone…no calls allowed to swap sim. You have to be in store showing valid drivers license to do it.
So this whole video is just an ad.
Seems like the phone carrier is to blame for the scam being successful.
and the banks should know about this and pause any out of ordinary transfers until more verification can be done
@myob3574 Employee at the carrier didn't do any due diligence and should be canned
I'll bet you after a few lawsuits are filed...they won't be so quick to swap SIMs anymore
That's exactly right!!!
Yep, they would be the first ones to sue.
The gap is with the phone company… time for a class action lawsuit suit
You mean a lawsuit where the damn attorneys take all the money for themselves and the rest of us get $10?
Why so lawyers get fed. They get the bulk you get a pittance. Class action suits screw u and feed a bottom feeding lawyer. Ugh
@@graceoverall Doesn't matter how much the attorneys take. The point is to force phone carriers to improve their security to make it impossible for sim swap to occur.
@@graceoverallfacts
@@thequake180 You don't sound like an attorney but clearly in their corner.
The phone companies should make it mandatory to do the swap in store only.
Agreed.
Doesn't help those who aren't near stores. Banks don't care and probably are in on it.
They are electronic now. People don’t want to be inconvenienced and feel it will never happen to them
People have used fake IDs to do it in a store, but more commonly is to pay someone in a store to do it.
Many people use carriers that don't exist in buildings, only online. My parents use US Mobile. There are no US Mobile brick and mortar stores. I agree that something needs to be done to prevent this sim swapping attack.
Phone companies are to blame for easily giving them your sim.
Unfortunately it’s going to take a multi million dollar class action lawsuit for the phone companies to not just take responsibility but to also stop making it easy to do sim swaps.
I had this happen to me luckily I caught it before they drained my accounts which they didn't go after my bank account because I could probably call them to get my money back but rather if you own crypto they can just transfer all of it to them as they were changing passwords. I was at my job though and had access to my work phone and called my carrier to have it all reverted back to my actual phone and not the fake phone.
Seems like people put way to much faith in their phone! I only use what is is loaded on the phone. No banking or any other extra applications. I use my tablet for every thing. Although my tablet is preloaded with a phone I have never had implemented it. Needless to say my tablet does not travel. ( This is not to say I cannot be ripped Off. Just a little more safer)
@@Crypt0fin same, but crypto should be on a hardware cold storage wallet
pass laws to stop them
SMS needs to be banned from being used as an authentication method.
No, not banned. Just deprecated in favor of stronger security methods on financial accounts. It's perfectly fine on accounts that don't have significant financial implications.
Banks need to be forced into using more secure 2 factor authentication techniques like authenticator apps instead of sms.
100%
The reason for banning is if SMS is still enabled then that is still going to be the weakest link, you only need one link to get into an account. I doubt they would offer an option to disable SMS at the account level.
It's weird because when I left Canada my bank didn't need a phone number to log in to their website in 2010. And then suddenly they're asking for a phone number.
His mobile network should also be criminally charged.
I agree. The phone company made the mistake of giving them access.
Rich individuals and companies are immune to law though, don't'cha know?
Especially with tRump and his cronies about to be in power...
Totally agree with you the phone company made that huge mistake instead of hanging up on the scammers or ask them hard questions that they don't know.
also, these could also be inside jobs, one works at cell store, another at a bank, etc Although a lot of this tech is so automated now and so fast, that it gets done before it's gets noticed.
Inside job!
hey everyone, you can call your cell phone company and ask them to not permit anyone to sim swap or port out your phone , you can lock your phone
If you do this, does it make it more difficult when you upgrade your phone?
I just learned about this by accident lol. Simple toggle switch in my case in account settings on provider website (after creating and logging in to your account that is).
@@danieli.9252kind of. It takes like a day for your new phone to start working.
But its better to be safe.
I have tmobile
@@danieli.9252 i have no idea but you could always take it off i think
How so ?
I think it's time we all demand from every carrier that sim swaps must be done only in person at an authorized dealer.
Sue the phone company for not physically confirming your identity before updating to the new sim. You will win as this is a new frontier for law interpretation.
It’s going to take a class action lawsuit in the hundreds of millions to make the phone companies take responsibility. The phone companies know that litigation is very expensive, especially for the average person. Being that a lot of your money has already been stolen, you don’t have much to go after them with.
Same people who say - sue phone company for not letting me switch carriers easily.
They probably put in the small print that your agreeing with their policy is you have to do mediation instead of law suits.
@@lmcc0072 bs excuse - a lot of lawyers work for free to get 30% of the win settlement against a big company - you gave up before even bothering to look for a solution. You got a lot of quit in you.
Have you ever suede anyone before?
Bank of America is just awful.
Wellsfargo is no better same evil folks
BOA is awful
Citi is the worst
I closed my account after they hit me with 8 overdrafts. The way they processed a payment, largest first, caused all the overdraft charges instead of just 1 if they would have processed them in order. I told a manager at a branch how shady that was and I had no problem paying the overdraft for the one auto debit charge. She wouldn’t work with me to reduce the $250 overdraft charge and basically kicked me out of the branch when I said I was closing my account.
All Mega banks (Bank of America, Wells Fargo, Chase, US Bank etc) are like this. You’re just a number to them, not a customer….I stopped using Mega banks a couple years ago and only use Credit Unions now.
Credit Unions or small local banks are the way to go. I don’t understand why people even still insist on using Mega bank corporations.
If the phone carrier was fooled, swindled, scammed, bamboozled, whatever … they need to be responsible not only for restoring the loses to the customer, but also to make the necessary changes or upgrade policies and procedures for sim swapping in order to prevent or at least deter the practice. Their security was breached, not mine or the banks.
They already have. It's called Number Lock or Port Lock. These anecdotal stories are from people who didn't enable it.
@@reefhound how does one enable it ? Is it on settings?
@@reefhound That’s true, T-Mobile calls it SIM Lock. I did mine after seeing a few videos about this issue. However I believe that should be a default setup instead of leaving up to the customer in an age where, practically our whole lives are on these devises.
@@EdithR940 Go on your carrier apps, look for setting and then, security. You should have a few options there. I’d call the carrier for help if needed.
@@Philibusting How would they set up by default a PIN that only you would create and know? They would have to autogenerate one and notify you with advice to change it but then tons of people would find themselves unable to switch carriers or sims and claiming they never got any notification of a PIN.
T-mobile has added a SIM swap protection setting which restricts reps from performing a swap. I'd also recommend setting a strong account PIN.
yup plus the account passcode in order to change account plans/phones/add-ons
yup, I have that setting setup too but there also things you can do to setup additional security at all your financial accounts as well. For example, I've seen a security feature where you can setup a pin code to allow manually initiated transfers from your bank account to another bank account. You should take advantage of all the security features that your accounts offer.....Authenticator Apps, pin code to transfer money, etc. The more security features you take advantage of, the more hoops the hacker has to jump through. It's like having 10 different locks with 10 different keys. Also freeze your credit reports. That way no one can open new accounts in your name if you are hacked. My Ss number has been hacked and I immediately froze my credit reports so far no new accounts in my name.
All US carriers have that now. New FCC regulations last summer require it, and it must be free.
You can select "Lock Line" on your carrier's website
How do you make the pin, and where can I find the setting?
Jokes on you😅 my bank account is already drained
A scammer stole my identity. A week later he gave it back, with a comment that my life was too boring :(
Sucks to be you. Mine has $11,548.45 in one of my checking accounts.
@@robtriton🤦🏽♀️🤦🏽♀️🤦🏽♀️
@@godsbutterflys Right? haha
There was social engineering involved, so he was targeted by someone who knew he had a sizable account.
A measure that could work is to require anybody wishing to swap a Sim card to present themselves in person with identification to the carrier. Sim swapping should not be allowed by telephone.
How would you implement that for online-only carriers?
Or people could just live without SIM cards. I do. My phone number is one of the internet only phone number and my calls from scammers have dropped to being less than wrong numbers. Scammers don't call internet only numbers because they need victims with cell phones or at least a POTS line hookup to their house. Scammers don't call internet only phone numbers because they think it is calling another scammer.
I just use an ancient phone that is jailbroken so I don't have to prove to the carrier that I am not a scammer. And then it will work for incoming and outgoing texts. It costs me ten buck a month. I can tether it to the phone provided at my job when I am away from my home wifi. And the thing is so old that anybody who stole it would be disgusted they wasted their time. They would think I was carrying a piece of worthless junk. Just like the honeypot wallet I carry with never loaded pre-paid debit cards. And the fake key ring with keys to nothing because I bought them at the hardware store as blanks.
We don't need SIM card cell phones. Especially if your employer provides one.
You should look up, "Right To Repair." What you are saying is that people have no rights to work on their own equipment that they own.
@@TheRealScooterGuy Since all online carriers are MVNO's for one of the major carriers, I'd say they would have to contract with the major to handle it at their store. Except there is no legal requirement for even the major carrier to have a physical store.
@reefhound yes, access to live support like physical stores or offices is diminishing. This issue is the bullseye for scammers.
In addition though, is the automation v. human servicing. Automated systems cost us time and frustration, repeatedly. Some critical accounts - utilities, medical practices/hospitals, any variety of physical, social, financial resources can make it virtually impossible to address, report, help or avoid the small to most devastating errors, fraud, even emergency level events.
the phone companies can’t send a simple email asking “Are you switching to a new phone?” How hard is that?
That would be ideal!
I think some do. Tmobile will send a text alert that you must respond too before they initiate a sim swap but if you actually lost your phone, you won't be able to get a text. The only thing you can do is get a new number.
Emails can be missed. To me there has to be confirmation with 2 forms of ID in person before the swap is done.
The scam started when the scammer gained access to your email.
That's why I use Google Fi. Their security is so strong even I failed to port out one of my family plan's number (I forgot the port out pin). Kudos to Google.
BofA is probably one of the worst banks. I will never put a dime in there bank.
their bank
@@kenkellar2246just ignore it why do you do this?
I'm a 60 year old IT professional. I've never put any financial applications on my phone. It's too dangerous.
Same
Same. I didn't get how someone accessing my phone would give them access to my bank at first. I don't do banking through my phone. I sign out of everything I use, but I don't use my phone for sensitive information - just email.
FINALLY, a (THE) correct answer! I was an IT professional at a Fortune 100 company until I retired. I don’t use my smart phone for anything financial and never have. I have several computers but only use one of them for financial purposes and it’s disconnected from the internet when I’m not using it.
i dont think they are logging into your bank apps, they are using your 2 factor authentication code that the bank texts you to access your accounts.
That's great but I don't see how that would help with this scam. It may actually make this scam worse because you have a false sense of security. I quit using two factor with text and use the financial apps authenticator (or a third party like Google) for verification, which is tied to a random token, not the sim card. If you are simply avoiding phone apps, a scammer can still steal your 'sim' as this video suggests and get access to your accounts.
The phone company is to blame….and so is the bank. My big question is - why aren’t these scammers being caught? The money clearly went into another account that should be able to produce the criminal. Sadly, I believe the cops/investigators don’t care enough to track them down. The banks are insured for these losses. So after being pressed by the victim, they reimburse the victim and recover the money through insurance claims. End result - scammers can attempt these crime with no risk of ever being caught. Why wouldn’t they keep trying this?
Inside Job.
exactly. that is why banks use the excuse that it was a legit transfer when they sent the code. That is how they are able to get around it. In their minds it's up to you to prove you didn't initiate the transfer.
I've seen a security feature where some banks have added a security feature where you can setup a pin code in order to initiate a transfer which is something every financial institute should implement. It would save them and their customers lots of money.
😮
I check my accounts DAILY. I deal with two banks. Thanks for bringing this to the attention of the public. Paranoia? Nope. I have saved $1000s from fraudulent credit charges. One was a florida (i am in canada) charge of about $3000 for a BNB
Great information. I am a scambaiter and thought I knew every trick in the book. The despicable thing about this is that they don’t need to scam you they need to convince the carrier
Thanks Cal for alerting the public!
Convenience is the root of all of our problems we face today. Our not wanting to be inconvenienced, laziness and complacency has allowed criminals who are willing to work harder than you to protect your money, steal your money.
It's the banks forcing the changes in my country. Cashless. Bank closures. Feel sorry for elderly people who cant bank. Even phone banking being phased out by some banks.
💯💯😮
Not only is this video super informative, but it is also really well-produced!!! Thanks!!!
Sounds like a lawsuit against phone company
I had someone go into an At&t store, impersonate me to get an Apple Watch added and sent to them. I caught the fraud before it shipped, but I'm certain they would have done some 2FA fraud. Also, I ALREADY had an extra security pin on my phone account.
What kind of security PIN? Like "don't make any changes without this PIN" kind? 😬
Geeze!
The phone company is the blame from giving the access to the numbers to the scammers instead of hanging up or asking them the questions that is very hard to answered.
New federal law as of July 2024, mandates that your carrier allow you to LOCK your SIM card. Find out how to do it, and do it but ONLY through your carrier. That is what you need to know!
Thank you! I will look into it.
What about iPhone esim ??
Nice! 👍
Why aren't the pathetic mobile phone companies held responsible for the sim swapping? There should be a special code to switch the sim with the phone carrier.
The scammers are former employees based in another country.
It should be in person at the very least, plus more verification.
There is. These stories are from idiots who didn't enable it.
Both the carriers and banks shall be held liable. Then they will beef up their security processes.
Class action suits.
No this was the Phone Company to definitely blame
Great video Cal. Here are some tips to help prevent Sim swaps: as he indicated use an authenticator; don’t use your common number for your banking, or financial accounts. Get a separate number only for banks; don’t use your name for the new number, use a family name, or use your imagination.😅 most companies don’t care who’s paying the bill; most wireless providers offers SIM lock, you are not using it. Lock your SIM so it can’t be ported. I know Verizon, AT&T, T-Mobile, and even Visible offer it. Protect your SIM.
"you are not use it"
What does that mean?
☝🏾 what he said?
@@isaachopkins9280 I'm sorry, it was supposed to read "you Are not using it" thx you
Not all bank support authenticator .
@ unfortunately, you are 100% correct. I got lucky with mine
I can't even get through my cell customer services. You post is god send , you gather all essential in one VDO. thank you. Why can't we take the money back from the bad guys.
I feel like if a thief looked in my account, they would leave me money out of pity lol
The question is why are banks forcing everyone to use sms and calls for verification and refusing to allow another form of two factor authentication.
Banking regulations such as KYC - Know Your Customer. SMS code is sent to one device which can be located based on the cellular tower it was connected to at the time. An auth app could be on multiple device at the same time and entered from anywhere in the world, using VPNs or IP relays.
"Convenience," is the trade-off for security and visa versa.
Thanks sir!
The cell carriers need to better as well.
I think they should be held fully accountable. These companies should already know about these types of scams.
@ As much as I agree with you, don’t count on that happening.
Yea if the phone carrier is allowing this to happen then they should be responsible for the remedy
The algo brought me here and I love it . Such a great channel with insights I haven't come across elsewhere . Good algo, bring me more ❤ 🐕
There are scams where they call you and the number that comes up is your actual bank. It's crazy to me that these companies can't do something to stop this type stuff.
Gosh this has happened for a good 20 or so years now...happened here.
Biometric system is coming sooner than we all realize n scammers will be history.
The phone service that allowed the swap to happen by transferring the phone number sim card to a different device is the problem.
problem with the cell phone pins is it doesnt stop the inside job....
Well if it’s an inside job, the cell phone company is definitely on the hook
I 10000% knew there was going to be an Aura advertisement at the end of this video. 😂😂😂
Thank you for this very valuable information! I will be on HIGH alert moving forward.
I refuse to use the cloud for any backup or run programs from it. I also don't do my banking on my phone or put my credit or debit cards on it. I use my wired computer for my finances. My view is that there has never been a lock that one man built that another won't figure a way around it and A physical lock is much more secure than this computer world because you can't be on the other side of the world and pick it.
Thank you for a great video! Someone should create a list of which phone companies are the safest and which are the worst.
👍🏻👍🏻👍🏻👍🏻
Not worried because I never do any payments nor banking on my phone or computer. I still write checks and use an ATM and credit card
You're phone doesn't always stop working with a sim swap.
If you pick up your phone and the screen tells you to enter your pin and you never put that on your phone to begin with, then your phone has been hit. Get a new sim and PUK code.
Any extra "Security" step is usually also a attack point for attackers to attempt getting in.
Which is why I don't do banking on my phone and never use 2 factor authentication.
3:24 it doesn't matter if the woman in Maryland had strong passwords or not. The issue is, as pointed in the beginning in the video, is that providers like Xfinity Mobile can just simply be convinced with the last four digits of your credit card. This is easily seen even in receipts from your grocery store.
What needs to be done is to offer a well designed *Number Lock* system as well as setting and using your SIM pin. Number lock prevents your number going out with confirmation being sent to your EMAIL and not your number. SIM lock prevents your sim from being used unless you know its pin, effective when someone physically takes your sim and tries to put it in their own phone.
I used number lock on my verizon account. It works.
If only the phone company would call the phone number before doing the swap, the actual person who owns the number would answer and tell the phone company "Oh...HELL NO!".
This is why I don't use any banking apps.
exactly... I just told my bank that the other day .. again...
don't bank or buy things on/through my phone. it's bad enough my "data/pii" was breached multiple times from 3rd party entities; I don't do any really important business on my phone
Another good reason is the delays of posting both deposits and withdrawals can be used against you to charge fees if you are running out of cash. The transaction with a teller protects you from predatory fees.
Great mistake. Not having an online banking account may cause for someone else to create a banking account pretending is you. Plus you won't be able to check your money regularly. It will be like not regularly checking your credit report for identity theft 😂😂
@denisseceballos2258 They have to have your banking info prior to creating an online account. If they already have that info then they don't need to create an online account.
Lol!
You talk about not putting all of your eggs in one basket, but then you proceed to tell everyone to put all of their eggs in one basket with Aura.
Most phone companies have line locks that make you have to wait at least an hour before a swap can be made and they will send you a notice letting you know you just have to activate it.
Banks do not care, I remember my wife was in the process of getting money at a drive thru atm and a shootout started next to her when she was taking money out so she drove away scared, the money she withdrew was left in the atm, and the bank did absolutely nothing to help us or even reimburse any amount
The phone companies need to verify two Q&As you provide when signing up, send you an email that's on file with them for verification, and have a passcode on file when you first sign up that you must provide to them for the swap.
Thank you so much for this video it's been very helpful and informative. People are finding other ways to rip people off and rob them with out doing it physically! So sad 😢
You're very welcome!
This is a smart phone and user problem more than anything else. The best solution is to do banking on a personal computer or tablet and don't shop and bank on the same device. As the rapper Ice Cube raps, smart phone equals dumb dome. Walking around with all your financial and personal information on a single device is not very bright. People think it makes their life easier but it makes their life easier to be attacked.
Great Public service message. Thank you!
Banks needs to offer other 2fa methods than SMS as TOTP or Security Keys
They still don’t. Makes you wonder why. Inside jobs.
This.
Agreed its annoying that I cant use an authenticator
I mean.. The Phone company is the one who should have actually paid him
If you have your phone set with a PIN code and/or facial recognition they should not be able to access your phone as the phone with the swapped SIM would only get asked to provide the PIN.
Have two phones?
An SOS displayed on the cellphone’s upper right corner is not automatically a sign that a SIM swatch has occurred. You can encounter it when cell service is poor such as when driving through the boonies. For example, the phone my employer provides is with a cellular carrier whose coverage where I live is spotty at best. I had to request data roaming for the phone as another cell service provider has better coverage where I live.
There are bigger questions here:
How did they get the last 6 digits of his debit card in order to change the passwords?
How did they know he had money to drain in the first place?
These are inside jobs.
It's the bank tellers giving out the info. They are finding out who has money, then giving the phone numbers and debit card numbers to their accomplices so they can do the sim swap and reset the passwords.
They probably give the social security number too, but all those are already on the net anyway.
The fbi needs to go at the banks and the phone companies to stop this.
Lots of assumptions there. Any time you hand your card to a clerk or cashier, it is vulnerable to someone grabbing data. (A waitress in my area was caught photographing payment cards when people paid for their meals.)
Additionally, they don't attack only people with thousands of dollars in the bank: People with small balances get hit too. We are simply more likely to hear about the big cases.
@TheRealScooterGuy Most people don't hand their debit cards to people these days. I never do and haven't for years. In the case that they do, how does a random cashier also get your phone number/phone carrier?
But yes, a lot of assumptions. Still worth checking out. This has to stop and everyone at every step of this process should be looked at.
I agree on the inside job. I ordered checks from a newly opened Navy Federal account from the teller in the bank. I never received the checks. Because I check my balances DAILY and have activity alerts set up, I caught a check for $300 going through. I called NFCU immediately and cancelled those checks, had them create a new checking account for me and I got my $300 back.
It was either NFCU or USPS that got access to those physical checks because they never made it to my mailbox. I've never used or asked for paper checks again.
@@Mhel2023 👍
Your credit card number is literally the easiest thing to obtain and the least secure financial information you own. You use them all the time and they get taken out of your sight. The biggest crack in security though is when a giant corporation has a data breach and your info, including credit card number, is on a list bought and sold online. It is ridiculously easy to get a credit card number. Please learn how this works before you claim this kind of garbage.
Looks like phone company FKD up!!
The carriers employees may also be in on the scam
Great video as always Sir!!!
Thanks for watching and happy new year!
I would recommend contacting the bank which has most of your funds FIRST, AND do so while driving to the physical store of your carrier. Unless you live more than 15minutes away from the store. Call to carrier will almost always take longer than visiting the store.
The people who get hit by these the most are the ones that barely learn how to use their phones and how to secure their accounts because they find it too difficult to get back in. When I worked in this field the actual owners of the accounts always knew less about themselves and their account than the fraudsters
On Verizon turn on Number Lock and SIM Protection
The last four numbers are the ones that show up on receipts if you change your card
My carrier has a SIM card protection that takes about 10 seconds to do, and makes it much harder than what is described in the video. Of course, vern phone users have to set up such a thing with their provider's use interface.
That's where a video like this is helpful to raise awareness.
You cannot use Authenticator apps if the banks don’t allow you to program them. Most of these major banks won’t allow it. Some smaller banks allow it, which in return have lesser features like low Zelle payments. Or no Zelle at all. These major banks have low tech security and no one is complaining to the banks.
3rd party authenticator apps is not secure. Stop being silly.
Banks don’t want your phone number just for 2FA, they want it to sell your information to data brokers who want to marry your social media activity with your financial activity. Banks purposely leave out options other than phone number from 2FA because it’s never been about security, it’s about surveillance.
@@thimblemunch24Why do you say that authenticator apps are insecure?
@@LeeHawkinsPhoto Cause they're not open source and you don't know if your authenticator info is being sent to a 3rd party server or not.
Also freeze your credit with the 3 agencies. It's free and you can lift it at anytime.
0:32 my account is negative so jokes on them
😂😂right😭😋
😂😂😂😂😂 good job 😂
Good work bro. I appreciate the clear and direct information.
This is why all this tech mess isn't good.
Checks & cash. No problems.
Everyone is "welded" to a cell phone. Feds, FBI, IRS know your every move & where to find you.
Like he said, put a pin on your phone account. Also where possible, don’t use texts for multi factor authentication, use an app such as google authenticator. Also use a unique email address for each financial account, as well as your cell phone account. Also have the only recovery method for those email accounts be a cryptographic key that you print and store somewhere secure.
You likely can't call the bank and phone carrier to report fraud since you can't make a call from your phone.
There are other people…perhaps one of them has a phone?
This happened to my mom last year in Myrtle Beach. She was able to get to her accounts for the most part before a ton of damage was done, but this is very scary. My parents are retired and on fixed income so this could have destroyed their lives. She was near certain it was a physical attack by someone at the resort that opened her up to the sim swap
So you don’t need a transaction to take money out of your account now?
How are banks or cell phone carriers not liable? You didn’t authorize the money to be taken out….
If only the banks would support other forms of two-factor authentication other than SMS.....
This is why you need at least two phone numbers… one secret.
I do, but many companies don’t accept my Google voice
Have two phones?
@ yes, I have five phone lines, and three data lines… using one for this iPad
It boggles my mind that some major financial institutions still don't support authenticator apps for 2FA.
For eSIMs (or to conduct ANY account business online) phone companies (all companies, really) should require us to input a unique 4 or 6 digit code that we create.
When we call these companies, we usually get a recorded voice asking for our phone number. Why not ask us to input a unique code after we input our phone number? The code would basically 'unlock' any features we want to ask for by the time we reach the customer service rep.
This would eliminate humans from knowing what our unlock code is, as we would set all this up ourselves upon our first contact with the service.
Also, if we go in the store and the csr pulls up our account, there would be a keypad that we would input our code before the account unlocks to make any adjustments.
Since Fall 2024, SIM and PORT-OUT can be locked by the US Carriers (preventive action is better than corrective actions). Contact your carrier for details...BTW, PORT-OUT is when a number is transferred to a different carrier...
My phone company now requires I come in and present an ID (that is scanned) to change any number.
A lot of people are practically accomplices because they share anything and everything on social media and elsewhere on the internet.
Why wouldn't they just call the number and confirm it. Ridiculous
Because thieves spend more money especially when it's not theirs
This is easy-the thieves will claim that someone stole the phone-in which case calling the old phone before will be pointless, because the phone company would be calling a phone thief.
I blame the cell phone companies. All these services used to have to be done in person, at a store. Now they have outsourced that to software or overseas.
This should all be in store only and require photo identification.
So what you’re saying is that only carriers with brick and mortar stores should be able to do business? And you’re also giving each carrier a monopoly on selling phones for their network? Also do you realize how far someone in a rural area could be from a brick and mortar store because they’re hours from a major city? Also do you understand how much more expensive all of this will be, as costs will get passed onto you? There are really simple things that can be done to increase security on a wireless account. I don’t think you understand the nature of the wireless industry though…nor how much customer abuse will get brought back from when you were forced to buy a phone that only worked on one carrier.
I don’t have alot of thousands of dollars like these victims had but I got a few. Something like this could really hurt me or someone in my position. Hopefully carriers implement security measures that can stop this completely.
Everything you suggest is wayyyyy too late
How the hell do we prevent this???
I thought two factor was very secure, so much for that.
What would be helpful is to know the details of how it’s done. For example you said lady got money stolen with both 2 factor and strong password.
There are law enforcement people who illegally gain access to our phones without needing a warrant. These phone companies allow it. It violates our fourth amendment rights
1. Stop telling people who your phone carrier is even in casual conversation...lie
2. Set up a pin # with your mobile carrier so when you call they ask for your pin always
3. Freeze your credit with all 3 credit bureaus
go to 9:27 he said call your cell phone provider and setup account pin. and setup 2 factor authentication on other accounts. the 1st 9 minutes are full of fluff easy to drag a 3 minute video to 12 minutes for watch time.
The upside of being broke , living check to check is that if a scammer gets my info they’re as screwed as I am lol but on. A serious note these companies need to do better
Plot twist. He actually hired someone to drain his account and doubled up!
Is this an extended advertisement for Aura!?!
Lock your SIM cards through your settings. Done at that point it's dead basically. Older phones can't do it but i know newer phones can
They can still steal your phone and just take the Sim and put it in another phone
@@Nomad-pc6jm 🤦♂
That’s not how this works! That SIM card lock via pin in your phone settings has nothing to do with the SIM swap scam.
You must call your cell provider or try their website. Set a PIN for your SIM. Can’t just do it from the phone settings.
I was sim swapped THREE TIMES in about a year and 1/2. We ended up changing my phone number the last time (which is its own PITA) and that has so far worked. So far. Definitely have ramped up security measures.