cancel
Showing results for 
Search instead for 
Did you mean: 

SIM Swap Fraud

Catherine_T
Retraité / Retired
Retraité / Retired

*July 14, 2021 Update*

 

We are pleased to announce that as of July 14, 2021, SIM card changes have been re-enabled in My Account

 

We temporarily disabled all online SIM swaps in March, to protect our customers from SIM swap fraud.

 

We have now implemented an additional step in the form of a 2 factor-authentication code to secure this process.This code can be sent via SMS or email, and must be verified to complete the SIM swap.

 

For more details, please see below.

 

Jade_S_1-1626272487403.png

 

All the information below can be found in this Help Article. 

 

---------------------------------

 

*March 8, 2021 Update*

To protect our customers from SIM swap fraud, we have temporarily disabled all online SIM swaps through Self-serve. To change your SIM card, please submit a ticket here

 

Customer safety and security is our priority, and we are working on permanently securing the online SIM swap process. In the meantime, we recommend that you continue following the steps outlined below to protect against fraudulent activities.

 

-------------------------------

 

Hey Community,

 

We’ve noticed some cases of SIM swap fraud, and wanted to help our customers better understand what SIM swap fraud is, what to do if you’ve been targeted, and how to prevent it in the future. 

 

All the information below can be found in this Help Article. 

 

What is SIM swap fraud?

 

Efforts by fraudsters to gain unauthorized access to customer accounts with the goal of accessing banking information is on the rise. As part of our commitment to protect our customers’ personal information, we have robust security protocols in place that are designed to protect the privacy and security of our customers.

SIM swap fraud, or SIM jacking, is a type of fraud that occurs when fraudsters gain access to your Self Serve account, to replace your SIM card information with their own. After replacing your SIM card, all communications will be redirected to the fraudster’s device. They will then be able to intercept recovery SMS/calls, and gain access to your personal banking, ecommerce, email and social media accounts. 

 

How does SIM swap fraud happen? 

 

Fraudsters can obtain customer Self Serve account credentials through malware, phishing attempts or data breaches on websites where login credentials are the same as your Self Serve account. 

 

What do I do if I’ve been targeted by SIM swap fraud?

 

If you have been targeted by SIM swap fraud, we recommend you take the following actions to secure your account:

  • Change your Self-Serve account password and security question immediately to lock the fraudster out of your account

 

  • Put your phone into Lost/Stolen mode to suspend the fraudster’s service, to do this follow the below steps: 
    • Log in to you Self-Serve account
    • Go to Plans and Add-Ons, then select “lost/stolen phone”
    • Select “suspend service”

 

Catherine_T_1-1612535117310.png

 

 

  • Then, submit a ticket here - our Moderator team will be able to restore your original SIM card. 
  • We also recommend contacting your financial institutions to ensure your banking and credit card accounts have not been accessed, and checking your social media accounts for any suspicious activity. Make sure you change your passwords to these accounts immediately. 
  • You may also want to report the fraud to your local police and the Canadian Anti-Fraud Centre at 1-888-495-8501, as well as contact the two national credit bureaus to request a copy of your credit reports and place a fraud warning on your file (Equifax Canada Toll free:1-800-465-7166 and TransUnion Canada Toll free: 1-877-525-3823).

 

How to protect against SIM swap fraud? 

 

Given the increase the telecommunications industry has seen in fraudulent activity like SIM swaps and unauthorized porting, we recommend that Canadians take the following steps to protect themselves:

  1. Protect your information: limit the amount of personal information about you online; fraudsters can use this information to verify your identity when attempting to swap your SIM. Be careful to not click on phishing emails (and texts) that ask you to provide and/or validate private information. 
  2. Guard your phone number: don’t add your phone number to any online accounts where it is not necessary. The fewer accounts you have associated with your number, the lesser your risk.
  3. Use strong and unique passwords for each of your accounts: using the same password across multiple accounts is a hacker’s jackpot. When you use the same password across different accounts, remember that once they successfully hack one account, they’ve hacked them all.  We also recommend that you change your passwords, including your Self-Serve password regularly.
  4. Set up authentication methods that aren’t text based: often, online accounts will require you to set up two-factor-authentication (2FA) for added protection; with 2FA, you need to authenticate yourself with something in addition to your username and password, such as a code that is sent to your device by text. With SIM swap fraud on the rise, you may want to use something other than your phone number for 2FA like an authenticator app or security key.

 

While Public Mobile is actively working on ways to help keep our customers safe, please make sure to stay vigilant, and be aware of any suspicious activity. 

 

- The Public Mobile Team

 

197 REPLIES 197

jp2
Deputy Mayor / Adjoint au Maire

It would also be nice if people couldn't have the user name mod, PM, etc to prevent people from accidentally sending a private message with all their info to another user.

Korth
Mayor / Maire

It seems to me this discussion is basically just emphasizing how backwards and limited this Lithium/Khoros forum software really is. It introduces security vulnerabilities (and other problems) instead of removing them.

terrybev
Great Citizen / Super Citoyen

I would definitely like to see an easier way of regaining access to my phone. It took me all day how to figure it out. I am an elderly person and computer illiterate. It was so simple before and now? For that reason, I would not recommend PM. to my friends. I have been with PM for a few years and have never had a glitch, this one was a big one and i am not happy. I am thankful that the moderator Eddy finally came to my rescue. Thank you Eddie

kraeb
Great Neighbour / Super Voisin

A heads up to anyone else who may have had their SIM swapped...

 

It happened to me 3 months ago, I got my phone back and changed all my passwords.  Before I knew it happened, they were able to hack my email and I cannot access it, nor can Microsoft do anything. 

 

But yesterday I found out that they were able to get financing from PayBright for $7500 and make a huge purchase...so now I have a loan that isn't mine that PayBright is looking for payment on.

 

Keep an eye on your banking records and run any credit reports you can! Credit Karma and Equifax are free.

@kraeb sorry for that you have gone though

 

So, how long you found out the issue and reported to PM  after the SIM was swapped?  And how long after you found out you lost the email access?

 

So you never able to get back the email ?   

 

Since you have proof that you have SIM fraud and lost email access, i hope it's an easy investigation and they can clear you soon. 

 

kraeb
Great Neighbour / Super Voisin

I realize it happened within 12 hours probably.  It happened some time overnight and I noticed the swap and email issues in the morning, though I wasn't sure what was going on at first. And the purchase they made was throughout the night when they had access to my phone number.

 

The person changed my email password and set up 2-Factor Authentication, so there's absolutely nothing Microsoft can do to get me my email back.  It was an account I had for 15+ years, so there was a lot of info in there.

 

I'm waiting to hear back from the RCMP to submit a police report for fraud, then I can send it to PayBright's fraud department.  Hopefully it will be resolved quickly!

Hope all turns out right in the end.

 

Thanks for updating us and sharing your experience.

 

@kraeb 

It would be advisable to set up 7 year fraud alerts with equifax and transunion. This ensures that you are called whenever credit is applied for in your name and is refused unless you approve that you have applied for the credit.

Yes, I read something before saying using phone as the 2FA is not safe.  That's why they are targeting SIM swap these days.    

Junaidnur
Great Neighbour / Super Voisin
Hello I am facing the biggest SIMCARD SWAP hack and need help. I just recently ordered a triple punch SIM through your website but everywhere around me in Oshawa Ontario I am being provided multi SIM card that looks to be triple punch SIM CARD but are able create E sims out of it .
Need Help? Let's chat.