Account Security Concern — 355+ Open Ports Scanning “T-Mobile.com” — Severe Third-Party Control
My family and I have undergone a serious security breach from account opening in September 2023 to present. I have taken to network security websites and tools to try to determine the cause of the problem that is keeping persistentconnection from a third-party on my mobile lines Recently I did a Port Scan for the domain "T-Mobile.com" and found that there is at least355 open ports(and 10's of thousands of identified, closed, or blocked ports). This is very much out of the norm for any other domain I scan (having only 3-5 open ports). I am seeing Port 11 (sysstat - active users), 9040, 9050 and 9051 open for tor transport, 12345 and 12346 for backdoor Trojans onto ourdevices, amongmany other seriously concerning ports Threat actors have enabled third-party licensure and tools for our accounts which forbid security and privacy. Every bill's text and call log activity is 90% unrecognizable activity. It is strongly believed my phone lines andall activity on them are being shared. When I go into the store, the IMEI numbers showing are not the ones belonging to my devices. There is also an unremovable "managed network" under settings and then Wi-Fi and then saved networks that has always been there and is there when I put my eSIMs or physical SIM cards on any device and goes away when I turn the eSIM off or take the card out. The account is sole-owner, and no credentials have been given out to anyone, ever It also sounds like, from what I heard in store, simply closing the account and creating a fresh one is not an easy process. We have changed numbers and transferred phone service providers two times already and I do not want to do it again if I don't have to. The crime has survived for almost two years now, and I believe my information and my family's information was leaked How do I stop this?I don't know how to close ports or reassign the IP address designated to t-mobile.com. I'm really not sure what to do, but would really appreciate the help Thanks!SIM Swap vulnerabilities/ 2FA risks
So with the onset of SIM swap attacks as well as numerous links over the year I wanted to start a discussion to talk about things that we as consumers can do to better protect ourselves. As well as I hope to share information and ideas to T-mobile to improve their security when it comes to our accouts. For those of you who don't know about the scam that has been going on a attacker will pretend to be you to get T-mobile to assign them a sim card with your number. It is a type of account takeover fraud that generally targets a weakness in two-factor authentication and two-step verification in which the second factor or step is a text message or call placed to a mobile telephone. Think whenever a bank for example sends you the little 6 digit code to your phone to reset a password as a example. I believe T-mobile should have measures in place that allow for a customer to require a instore visit as a pre-requiste before any kind of change like that can occur. T-mobile should also be sending updated alerts before any kind of change happens on the account to both the cell numbers on the account as well as the email address on file. These alerts should require approval before the change itself can actually go through. This would be far more full proof than just having a pin on the account and would prevent this scam from working as easily as it does. Thankfully, this has not happened to me but it is concerning as T-mobile is really lacking in providing tools for consumers to secure themselves.
I've been hacked.
I think my phone has been hacked. I received a text message to say my service would be changed if I didn't type STOP to opt out. The stop would never go through. I've hadfree service, via sprint, for a couple of years because I'm on medicade and disabled. Today, all my service has been redirected to a third party, but it also says it's Verizon, but Verizon says it's NOT them. I had to pay 15.00 to basically TRY to get my phone unlocked. Even though I paid, ANY call I make routes me back to the service wanting more money. The phone number wanting the money is 281-885-8498. My number, that was with sprint is ##, can you please help me?
