Hello all. I'm writing this here because there doesn't seem to be a way for me to engage T-mobile over email (so as to send them all the evidence related to my horrible experience), and I'm hoping that a representative monitoring the forums will pick up on this and provide a way for me to discuss this with T-mobile over email. Two day ago on the 25th of January, I was victimized by a SIM card swap scam perpetrated by some total strangers in New Jersey (I live in Washington state myself). The fraudsters apparently called T-mobile, impersonated me, and got my number transferred to their SIM card, which they then used to gain access to my bank account and PayPal account, leading to two days of hassle and anguish, as well as the financial damage listed below:$10,000 from my bank account that I cannot use pending investigation of fraud $1,075 in charges made to my credit card from my PayPal account Approximately another $100 in non-credit card-funded charges made using my PayPal account $62 I had to spend with my bank to preemptively decline further charges from PayPal before I was able to report the fraud (as PayPal, amazingly enough, doesn't have 24-hour customer service, so I wasn't able to stop the fraud until they opened shop at 6AM the next day) Plus whatever other information the fraudsters have been able to glean from the data associated with my number that they may yet put to nefarious useI've had to spent the past day and a half closing and reopening accounts with my banks, changing phone numbers and passwords associated with my credit cards, and losing sleep in general because of this attack, and all because someone at T-mobile evidently didn't follow procedure (or worse). As outlined in this link, it's apparently now T-mobile policy that "SIM card changes will now require either SMS verification from the customer or the credentials of two employees". My niece, who is the owner and administrator of the account that my number (the one that was stolen) falls under, absolutely was not contacted by T-mobile prior to the SIM swap taking place; she only received a SMS notification after the SIM card change had already taken place (and we still have the message itself to prove it), at which point it was already too late to prevent the fraudsters from gaining access to my bank/online accounts. T-mobile also did nothing in terms of verifying identity before they handed control of my phone number to these fraudsters, as the PIN my niece set up on the account was evidently never asked for (she has never shared that PIN with anybody, including me, so it's not possible for the fraudsters to know it). As for the possibility that two employee credentials were used to effect the SIM card change -- well, that'd mean that this was an inside job, and would make it even more pivotal for T-mobile to contact me so that I can help them root out these bad actors from their ranks. In any case, I would like for any T-mobile representative perusing these forums to contact me so that we can continue to discuss this matter over the phone and over email. I strongly believe that T-mobile is culpable for the damage I suffered as a result of this fraud, because under no circumstances should any T-mobile representative simply hand over control of my phone number to some guy who found my name/address/number off internet white pages or whatever without even bothering to verify the matter with the customer who owns the number. Enhui Hao

Most people don't realize how much info they give away just from doing everyday tasks. When you walk into a store, they already know who you are, your address, phone number, what credit cards you have, how much credit you have, and so on. Apps like Facebook mine your phone even if you never launch or sign-in to the app. eSIM's contain way more information than a pSIM but either can be compromised from having a malicious app on your device or even walking by the wrong person skimming devices in public. Don't save passwords, addresses, or payment info in your browsers. Those conveniences are just as easy to access by the right person as it is for you to fill in that webform. Never use the same passwords twice and across multiple sites and make sure you update your recovery information for anything, like an e-mail address to ensure that no one can compromise your accounts from something you used to use but no longer do. Enable 2FA when it is an option to help try and make it tougher for anyone to compromise your accounts and information.

Please send me your phone, email address which linked to it for the password reset and bank account username for which you get two factor authentication code on this phone and I will give you a fine demonstration of it real time.Criminals first change personal email (yahoo, hotmail, gmail) password by receiving password reset code on the phone after sms swap. Then changed the password for financial institutions as they had hold/access of my personal email and phone and could further use the phone for two factor authentication to log in. With all the data breaches over the years at many companies, username information is widely available.

Y’all might want to look into the new SIM protection feature:https://tmo.report/2022/12/t-mobiles-new-sim-protection-is-now-live-heres-how-to-enable-it/

These forums are pretty much a peer help forum. You either need to call Customer Care and speak to someone or reach out to T-Mobile via Facebook or Twitter.

I'm sorry to hear this I was also a victim of an unauthorized SIM Card swap and had $15,000 stolen. Of course T-Mobile makes it hard and won't provide information because they don't want to take responsibility for what happened. Did you find a way to get your money back? Im still going through the process of figuring this out myself so if anyone has any useful information please pass it on to us.

enhuihao

Newbie Caller

Hace 3 años

Victimized by SIM card swap scam; would like to engage T-mobile regarding aftermath

Hello all. I’m writing this here because there doesn’t seem to be a way for me to engage T-mobile over email (so as to send them all the evidence related to my horrible experience), and I’m hoping that a representative monitoring the forums will pick up on this and provide a way for me to discuss this with T-mobile over email.

Two day ago on the 25th of January, I was victimized by a SIM card swap scam perpetrated by some total strangers in New Jersey (I live in Washington state myself). The fraudsters apparently called T-mobile, impersonated me, and got my number transferred to their SIM card, which they then used to gain access to my bank account and PayPal account, leading to two days of hassle and anguish, as well as the financial damage listed below:

$10,000 from my bank account that I cannot use pending investigation of fraud
$1,075 in charges made to my credit card from my PayPal account
Approximately another $100 in non-credit card-funded charges made using my PayPal account
$62 I had to spend with my bank to preemptively decline further charges from PayPal before I was able to report the fraud (as PayPal, amazingly enough, doesn’t have 24-hour customer service, so I wasn’t able to stop the fraud until they opened shop at 6AM the next day)
Plus whatever other information the fraudsters have been able to glean from the data associated with my number that they may yet put to nefarious use

I've had to spent the past day and a half closing and reopening accounts with my banks, changing phone numbers and passwords associated with my credit cards, and losing sleep in general because of this attack, and all because someone at T-mobile evidently didn't follow procedure (or worse). As outlined in this enlace, it's apparently now T-mobile policy that "SIM card changes will now require either SMS verification from the customer or the credentials of two employees". My niece, who is the owner and administrator of the account that my number (the one that was stolen) falls under, absolutely was no contacted by T-mobile prior to the SIM swap taking place; she only received a SMS notification after the SIM card change had already taken place (and we still have the message itself to prove it), at which point it was already too late to prevent the fraudsters from gaining access to my bank/online accounts. T-mobile also did nothing in terms of verifying identity before they handed control of my phone number to these fraudsters, as the PIN my niece set up on the account was evidently never asked for (she has never shared that PIN with anybody, including me, so it's not possible for the fraudsters to know it). As for the possibility that two employee credentials were used to effect the SIM card change -- well, that'd mean that this was an inside job, and would make it even more pivotal for T-mobile to contact me so that I can help them root out these bad actors from their ranks.

In any case, I would like for any T-mobile representative perusing these forums to contact me so that we can continue to discuss this matter over the phone and over email. I strongly believe that T-mobile is culpable for the damage I suffered as a result of this fraud, because under no circumstances should any T-mobile representative simply hand over control of my phone number to some guy who found my name/address/number off internet white pages or whatever without even bothering to verify the matter with the customer who owns the number.

Enhui Hao

muralin
Newbie Caller
Hace 2 años
How did the scammers gain access to your financial accounts' credentials? You cannot steal the money with just the SIM swap scam?
muralin
Newbie Caller
Hace 2 años
Criminals first change personal email (yahoo, hotmail, gmail) password by receiving password reset code on the phone after sms swap.
Interesting. 2 more questions:
How will the criminal know my email address associated with my financial institution unless it was compromised as part of the breach? I use 4 different email addresses for different purposes (one for financial services, one for other services like TMo, Netflix, etc, one for personal email and one for everything else).

I was a victim of a TMo SIM swap scam yesterday. I never got an SMS asking me if I initiated a swap. After the swap was completed, my daughter who is the primary account holder got an SMS that the swap was successful. She immediately asked me if I initated the swap and I noticed that the signal strength indicator on my phone had disappeared. I immediately called my broker and bank and blocked all my accounts (11 accounts across both). Both asked me a lot of personal info to confirm I was the legitimate customer. I dont believe the scam artist will have access to all the needed information to muck around with my accounts. In fact, my bank asked me to hang up and then called my wife's phone to continue the discussion. How can a bank share any of a person's credentials with only an email address and the phone number associated with the 2FA. By the way, I drove to the TMo store and got a new SIM - yes, 2 TMo employees at the store authenticated me to do another SIM swap.
ashg2000
Roaming Rookie
Hace 2 años
Good for you!! Not here to argue or need to convince anyone that this happened to me. Just shared my experience.
ashg2000
Roaming Rookie
Hace 2 años
BobT wrote:

Y’all might want to look into the new SIM protection feature:

https://tmo.report/2022/12/t-mobiles-new-sim-protection-is-now-live-heres-how-to-enable-it/

Thanks for sharing!!
SarcasticWhole
Network Novice
Hace 2 años
muralin wrote:

How did the scammers gain access to your financial accounts' credentials? You cannot steal the money with just the SIM swap scam?

With your various user names and passwords saved to your phone it doesn't take much to brake into your Google account and pull up all your passwords. We think we are between a rock and a hard place because we have so many accounts that require passwords and some require just letters, others want upper case and lower case then some want a number added in while still others want all that and a special character. I'm guessing the time will come when they will require a photo of my butt to digitally map and compare to that photo of me mooning the opposing teams bus back in high school. I am so sick of Google and ALL of the cell service companies.

Forum Discussion

Victimized by SIM card swap scam; would like to engage T-mobile regarding aftermath

Contenido relacionado

Regarding Phone Upgrafe

need help regarding iphone 14 pro max

Regarding the wireless router I am currently contracted with.

Regarding documentation for purchase of new prepaid Tmobile sim

Inquiry Regarding Prepaid eSIM Activation from Abroad

Discusiones recientes

Extremely Disappointed - A Very Bad Customer Service

False Information in Promotional Email

Terrible Customer Support

Poor Customer Service

T-MOBILE BAD FOR BUSINESS!