cancel
Showing results for 
Search instead for 
Did you mean: 

Fraud or cloned SIM?

pavellyzhin
Good Citizen / Bon Citoyen

Just before my working day was over I started receiving emails from paypal indicating there were changes completed to my account and new charges/payments to my account. I tried to recover paypal account to found out my phone suddently stopped working - no calls or messages, emergency calls only. 

After a few hours dealing with my credit card provider and Paypal, I realized I could see call and messages throught my PM account, these calls and messages I did not make. My phone was always (!) with me and it worked this morning.

So, I blocked services as "Lost/Stole Phone". When I pressed a button "Change SIM Card" I noticed it has last 4 numbers which are completely different from a SIM card number in my phone. 

How did it happend and what shall I do?

Did anybody have the same experience?

I could not even imagine it is possible to steal your phone number and use it to make purchases with PalPal!

 

66 REPLIES 66

@glany222 Glad everything turned out reasonably well for you. I keep preaching this in hopes people will start listening, don't ever use your phone number as a method for 2FA/MFA using SMS. Use an authenticator app or email with strong password. These are phone specific and NOT phone NUMBER specific. So even if someone takes your number it is useless in terms of accessing anything else with 2FA/MFA.

@glany222  Yup, a lot of sim swapping happening around here lately, not good. Glad you got it resolved. 

 

Make sure your email is secured.

glany222
Great Neighbour / Super Voisin

I faced similar situation today. When I got up in the morning, I saw an email that my Paypal password has been changed and 2-Step verification is disabled. To access my Paypal account one needs to have access to my PM number to get security code. But my PM number was disabled. After resetting Paypal password, I saw that there was a transaction for $364 on NewEgg.ca where someone ordered an Apple Airpod, also an email confirmation on my inbox about the order. Immediately I contacted newegg and cancelled the order. Tried contacting Paypal multiple times to report this fraud, but no help. Paypal was very busy.

Reported the issue to PM moderator and after couple of hours got a reply to restart the phone. 

Now everything seems to be normal. I have access to my Paypal account with updated password. PM Selfserv account with updated password and access to PM number.

Limix
Great Neighbour / Super Voisin

thanks for the detailed response. I have already done those steps. + I had to change my security on multiple other sites as well.. it's been a really long night!!! ah well i guess it's morning now isn't it ! lol

Based on what you are saying I'm assuming your phone has onky emergency service. 

@Limix Log into your self service account. Use the change sim option and check to see if the last 4 digits  matxh the one in your phone.

20200723_093448.jpg

 

If they don't you were SIM jacked.Change your password, security quuestion and answer and place your phone on lost/ stolen.

20200504_182846.jpg

 

And contactt he moderators and ask them to switch your sim back for you. There are 2 ways to contact the Moderator Team:

  • Faster response- Get help with your account the easy way by starting a conversation with our virtual assistant, SIMon. It’ll take you to relevant help articles, or if it’s something more urgent, it can help you submit a ticket to the Moderator Team. Click here to get started.
  • Slower- Alternatively, you can send a private message to the Moderators by clicking here. You’ll need to be logged in to your Community account for the link to work.

Once connected to Simon, you will be asked to log in again with your community user name and password.  Please do, this allows you to continue and send your message.
- Check your private message sent box (click on the envelope top right of your screen) to make sure the message was sent.

- Keep an eye on the envelope top right of your screen.  The mods answer will show up there.  When it does, you will be asked to verify your self service account, with your password and login. Doing so allows the process to continue. Stay safe. 

Limix
Great Neighbour / Super Voisin

just happened to me, they tried to make over $16000.00 in purchases on paypal! holy hell!

@pavellyzhin Glad it worked out in the end. It's unfortunate it took a while to get going.
Kudos to the third mod on getting the job done. Would you happen to know his/her name and can share with us?


@pavellyzhin wrote:

The third mod did her job. In less than 24 hours she closed my old account and opened a new one with a new SIM card. She ported my number to a new account and one month credit was given to me to cover the cost of a new sim card and lost services from prepaid month before. Not sure if I get loyalties and refer a friend monthly rewards back (she will contact me in a week) but at least I got access to my phone number! 


@pavellyzhin Good news. Thanks for letting us know.

Pizzaeh
Deputy Mayor / Adjoint au Maire

@pavellyzhin wrote:

No, nothing was explained. Just standard phrases and standard apologies in a very polite way. Really, I do not expect they would tell me what happened.

 

 


@Pizzaeh wrote:

 

Holy macaroni, finally something.

Have they explained what happened?

Why they couldn't do this earlier or why they couldn't instruct you on what you could have done earlier? 

Something to get the subscriber up and running sooner than three weeks.  

 

Anyway, I'm sooooo glad you've got your number and account back. 


I hear you; in a way, I also don't expect them to give out the details if it was something more than trying different pw's like in @ekung's case.  For security and privacy reasons.  

pavellyzhin
Good Citizen / Bon Citoyen

No, nothing was explained. Just standard phrases and standard apologies in a very polite way. Really, I do not expect they would tell me what happened.

 

 


@Pizzaeh wrote:

 

Holy macaroni, finally something.

Have they explained what happened?

Why they couldn't do this earlier or why they couldn't instruct you on what you could have done earlier? 

Something to get the subscriber up and running sooner than three weeks.  

 

Anyway, I'm sooooo glad you've got your number and account back. 

Pizzaeh
Deputy Mayor / Adjoint au Maire

@pavellyzhin wrote:

The third mod did her job. In less than 24 hours she closed my old account and opened a new one with a new SIM card. She ported my number to a new account and one month credit was given to me to cover the cost of a new sim card and lost services from prepaid month before. Not sure if I get loyalties and refer a friend monthly rewards back (she will contact me in a week) but at least I got access to my phone number! 


Holy macaroni, finally something.

Have they explained what happened?

Why they couldn't do this earlier or why they couldn't instruct you on what you could have done earlier? 

Something to get the subscriber up and running sooner than three weeks.  

 

Anyway, I'm sooooo glad you've got your number and account back. 

 

Anonymous
Not applicable

 @pavellyzhin 

Great news. What an ordeal you and ekung have been having. Let's hope he's getting resolved on this too.

pavellyzhin
Good Citizen / Bon Citoyen

The third mod did her job. In less than 24 hours she closed my old account and opened a new one with a new SIM card. She ported my number to a new account and one month credit was given to me to cover the cost of a new sim card and lost services from prepaid month before. Not sure if I get loyalties and refer a friend monthly rewards back (she will contact me in a week) but at least I got access to my phone number! 

pavellyzhin
Good Citizen / Bon Citoyen

The third mod is working on my case Smiley Frustrated

Yesterday I asked if it was safe to replace my sim card with a new one. Still waiting for a reply.

Will see how it works. I decide to wait until the end of this week and then port my number out.



@pavellyzhinif you're still accessing this forum my recommendation is to keep your Public Mobile account active by replacing your SIM and regaining access to your phone ASAP.

 

The reason I say this is because if there is identity theft going on here by re-gaining access to your phone you will get a better uderstanding of what they were up to by monitoring incomming messages on your phone.

 

For example they were trying to open up new accounts, setting up two step authentication etc .....

 

Hopefully that is not the case but if I were you I would be planning for the worse case scenario. 

 

Hope this helps and good luck.


 

steff12321
Model Citizen / Citoyen Modèle

@pavellyzhin Honestly I'm getting frustrated here on your behalf... Just follow the advice and get a new SIM already. Even order it online and wait a couple of days to get it before this turns into a month long ordeal. 

 

Hopefully they will close up their fraud investigation by the end of the year and you will have your answer, but I think the time to be proactive is long overdue. Who knows what else the "hacker" is doing with your number at this point. I'm sure they won't keep paying your bill and keeping the number active if they no longer have a use for it. 

pavellyzhin
Good Citizen / Bon Citoyen

Upate:

Day 20 (April 15) -no changes. Mods are replying that it`s still work in progress.

dumbdobie1
Great Citizen / Super Citoyen

Agree with everyone condolences on your long wait. Hopefully the mods will be able to sort out this issue for you soon.

steff12321
Model Citizen / Citoyen Modèle

@pavellyzhin wrote:

 

PM fraud department has been investigation this issue for almost two weeks now. Do you really think if it was so easy to fix or the problem was on my site they will not tell me about it? 

 

With all due respect to PM's fraud department, they may well be investigating what happened, but it shouldn't take two weeks to pull the log of IPs that have accessed your account recently. This is a budget provider and you need to do some of the heavy lifting yourself. 

 

If you have the patience to do so, by all means, keep waiting for their resolution to this issue. But as others have mentioned you can fix the problem yourself by just getting a new SIM card and activating your line on that SIM card. Also if this was a priority for public mobile to resolve, they would fix your issue of not having phone service before beginning their investigation - it's just common sense you fix the problem before trying to find out what happened. If my house caught fire I would call 911 or try and get a fire extinguisher before checking if I left the stove on, or if there are any electrical problems. 

 

If you want something done right, you gotta do it yourself - and as an added bonus you will be able to resolve your problems with PayPal following you getting your phone number back.

 

To be honest I am shocked they haven't couriered you a new SIM card yet, although there is a lack of customer service here, your case shouldn't be on the back burner for this long. 

pavellyzhin
Good Citizen / Bon Citoyen

Thank you for all these recomendations. And no, I did not port my number two Rogers. I just use a second sim card in the phone. I still have a hope that one day PM will fix it. Ive been with PM for a few years with no complains until recently.  

 

PM fraud department has been investigation this issue for almost two weeks now. Do you really think if it was so easy to fix or the problem was on my site they will not tell me about it? 

 


@steff12321 wrote:

@pavellyzhin I thought you ported your number out to Rogers? 

 

In all honesty, I think your password was compromised either due to another website you use being hacked, or through a phishing attempt. Was your PM number new from PM or was it ported in from another provider? The reason I ask is because if it was a new number, a simple lookup would tell them that this number is from PM and they could try using that compromised password and voila they're into your selfserve account. If it was ported in, they likely hacked your email first and saw some emails from PM which lead them to hack this account. Just trying to figure out the extent of this hack. Your other accounts which are associated with your email may be vulnerable. 

 

I would suggest you sign up for a new gmail account, change your email in selfserve, and change your password. Then get a new SIM card and change your account over to that SIM ASAP. While I completely agree that PM should have sent you a rush SIM card by overnight courier, you can't be relying on other's actions to fix your own problems, especially with how unresponsive the mods are around here and the fact they are not taking charge of your issues. 

 

However, I find it laughable that people think this is a cloned SIM or some kind of man in the middle attack. Unless you are a high level executive (which I doubt as you would probably have cell service with one of the big 3), having a hacker go to that extent to take over your accounts is ridiculous. Considering most data (especially passwords and account information) is sent encrypted nowadays, and SIM cards are VERY difficult to clone, not to mention you would need access to the original card, I seriously doubt this is what happened. 

 

I would suggest following what everyone is saying here and:

1) Secure your account (new email, new password)

2) Get a new SIM

3) Change your account over to the new SIM 

4) Done, enjoy having your old number back. 

5) Do it quick as others have mentioned the hacker could just as easily port your number out since they have your account number if they also have access to your self serve account. 

 

Good luck!

 

Edit: Your phone number will not be lost until 90 days after your plan expires. If you cannot add a credit card to your account you can buy a voucher in store when you purchase your SIM. 


 

steff12321
Model Citizen / Citoyen Modèle

@pavellyzhin I thought you ported your number out to Rogers? 

 

In all honesty, I think your password was compromised either due to another website you use being hacked, or through a phishing attempt. Was your PM number new from PM or was it ported in from another provider? The reason I ask is because if it was a new number, a simple lookup would tell them that this number is from PM and they could try using that compromised password and voila they're into your selfserve account. If it was ported in, they likely hacked your email first and saw some emails from PM which lead them to hack this account. Just trying to figure out the extent of this hack. Your other accounts which are associated with your email may be vulnerable. 

 

I would suggest you sign up for a new gmail account, change your email in selfserve, and change your password. Then get a new SIM card and change your account over to that SIM ASAP. While I completely agree that PM should have sent you a rush SIM card by overnight courier, you can't be relying on other's actions to fix your own problems, especially with how unresponsive the mods are around here and the fact they are not taking charge of your issues. 

 

However, I find it laughable that people think this is a cloned SIM or some kind of man in the middle attack. Unless you are a high level executive (which I doubt as you would probably have cell service with one of the big 3), having a hacker go to that extent to take over your accounts is ridiculous. Considering most data (especially passwords and account information) is sent encrypted nowadays, and SIM cards are VERY difficult to clone, not to mention you would need access to the original card, I seriously doubt this is what happened. 

 

I would suggest following what everyone is saying here and:

1) Secure your account (new email, new password)

2) Get a new SIM

3) Change your account over to the new SIM 

4) Done, enjoy having your old number back. 

5) Do it quick as others have mentioned the hacker could just as easily port your number out since they have your account number if they also have access to your self serve account. 

 

Good luck!

 

Edit: Your phone number will not be lost until 90 days after your plan expires. If you cannot add a credit card to your account you can buy a voucher in store when you purchase your SIM. 

Interesting read

 

 

Anonymous
Not applicable

@pavellyzhin wrote:

Update:

Day 13 (April 8). Still no changes. I got a message yesterday from Mod imforming me that "the issue is still work in progress".

 

Today was my renewal day.  My old credit card was compromised by PM sim card swap/cloning and because that "issue is still in progress" I did not entered a new cc info. So, my account has been suspended! OMG!

 


What a frickin' adventure.

But it does stand to reason. No pay, no get. Even though you haven't got. 🙂

Man.

pavellyzhin
Good Citizen / Bon Citoyen

Update:

Day 13 (April 8). Still no changes. I got a message yesterday from Mod imforming me that "the issue is still work in progress".

 

Today was my renewal day.  My old credit card was compromised by PM sim card swap/cloning and because that "issue is still in progress" I did not entered a new cc info. So, my account has been suspended! OMG!

 


@Pizzaeh wrote:

@geopublic wrote:

@Pizzaeh wrote:

@stonechucker Agree with some of what you're saying.

 

You say that the customers can purchase a new SIM card, switch it in Self-Serve and continue on.  I completely disagree with you on that point.  The customer should wait until they have been informed by Public Mobile that it is safe to do so.  Other customers telling the affected customers to go ahead and switch the SIM card, without knowing the details of how it occurred, is incorrect, in my opinion and is just asking for trouble.  We can agree to disagree.  

 

 


If your advice is to wait then please explain what happens when the hacker decides to port his number out of PM?


@geopublic please read all the replies.... Again, there should be a process in place for this, and Public Mobile's teams should be informing the customers promptyl on what to do, after being informed of the problem.  This information should come well before 10 days, otherwise, we'll have people like @geopublic saying nonsense like the hacker is going to port out their number unless they change the SIM card pronto.   Tldr version: Don't leave the customer in the dark and tell them what they should do, as soon as possible.   

 

This forum is great for helping out on service issues, but when it comes to security issues, I would have to defer to Public Mobile to take the lead on that.

 

 


Nonesense? So again you're assuming that nobody in this community knows anything about security. Smiley Sad

@pavellyzhin, tip to get you at least able to phone in and out,

 

Setup the fongo app on your phone.  You will be able to get a free Canadian number from almost all areas of the country and use it as a free calling for now, and possible backup system in the future should something affect your regular service again.

 

You can use it on WiFi, and when you have cellular data back, it will also be available on that.

Pizzaeh
Deputy Mayor / Adjoint au Maire

@pavellyzhin wrote:

@geopublic wrote:

If your advice is to wait then please explain what happens when the hacker decides to port his number out of PM?


Good point!!!!

I dont know. If I block it as a stolen/lost phone in my account, could somebody port it to another provider???

 


The line has to be active, so if you were to report it lost/stolen, they shouldn't be able to port it.  For @geopublic, Public Mobile should be telling @pavellyzhin this, not you or I, and it should have been conveyed more than a week ago.  

 

 

pavellyzhin
Good Citizen / Bon Citoyen

@geopublic wrote:

If your advice is to wait then please explain what happens when the hacker decides to port his number out of PM?


Good point!!!!

I dont know. If I block it as a stolen/lost phone in my account, could somebody port it to another provider???

 

Pizzaeh
Deputy Mayor / Adjoint au Maire

@geopublic wrote:

@Pizzaeh wrote:

@stonechucker Agree with some of what you're saying.

 

You say that the customers can purchase a new SIM card, switch it in Self-Serve and continue on.  I completely disagree with you on that point.  The customer should wait until they have been informed by Public Mobile that it is safe to do so.  Other customers telling the affected customers to go ahead and switch the SIM card, without knowing the details of how it occurred, is incorrect, in my opinion and is just asking for trouble.  We can agree to disagree.  

 

 


If your advice is to wait then please explain what happens when the hacker decides to port his number out of PM?


@geopublic please read all the replies.... Again, there should be a process in place for this, and Public Mobile's teams should be informing the customers promptyl on what to do, after being informed of the problem.  This information should come well before 10 days, otherwise, we'll have people like @geopublic saying nonsense like the hacker is going to port out their number unless they change the SIM card pronto.   Tldr version: Don't leave the customer in the dark and tell them what they should do, as soon as possible.   

 

This forum is great for helping out on service issues, but when it comes to security issues, I would have to defer to Public Mobile to take the lead on that.

 

 


@Pizzaeh wrote:

@stonechucker Agree with some of what you're saying.

 

You say that the customers can purchase a new SIM card, switch it in Self-Serve and continue on.  I completely disagree with you on that point.  The customer should wait until they have been informed by Public Mobile that it is safe to do so.  Other customers telling the affected customers to go ahead and switch the SIM card, without knowing the details of how it occurred, is incorrect, in my opinion and is just asking for trouble.  We can agree to disagree.  

 

 


If your advice is to wait then please explain what happens when the hacker decides to port his number out of PM?

pavellyzhin
Good Citizen / Bon Citoyen

@stonechucker wrote:

@pavellyzhin, in the number of days you've been waiting you could have ordered a new SIM, or even travelled the 120 km to get a new one.  I'm sorry it's inconvenient for you, but now that you've said this, buy 2 or more, so that you have a backup.


I wish I knew about it. I did not expect it would take so many days. I did search in the community and did not find any topics like this and created this one. I hope if somebody have the same issue he/she will know what to expect.

 

Need Help? Let's chat.