
SIM card takeover

Cappybye
Good Citizen / Bon Citoyen

So I woke up yesterday morning, my phone didn’t work, and I had 8 emails from PayPal and various merchants for the purchases I had made overnight while I was sleeping.

Unable to contact anyone directly at PayPal or Public Mobile, I was finally able to speak to someone at BestBuy and cancel the MacBook! 

I ordered a new SIM card in the afternoon, but after speaking to a friend who works in the credit card industry, it seems it’s my SIM card that was taken over. That allowed them to receive the OTP to change my PayPal password. 

So is this incident due to lax security at PUBLIC MOBILE? I want my phone number back!

10 REPLIES

@Cappybye 

You were simjacked. They gained access to your self serve account and changed the SIM card to access and take over your phone number. If they had ported your number your account would have been closed. Suspending your account and changing your password was the correct action to take and/or changing the SIM card # yourself with a new one.

 

Fraudsters commonly hack PayPal accounts because they can contain a wealth of information about you. Normally most people will have their main email on their PayPal account, which is also linked to their phone and their bank and credit cards. They can easily access your name and phone number and then hit social media to find your birth date and narrow down your location to find your address. It's likely when you accessed your PayPal account thru eBay there was a security lapse... did you provide your name, address and phone number to a seller on eBay? Your email? Is it the same for both PayPal and Public Mobile? Get a KOHO card... a Visa/debit account that you can control how much is on the account and can be easily locked thru the app. This is a safer alternative. Create a few emails that are account specific, have different emails for each, change and use different passwords for your accounts.

 

The moderators can reinstall your SIM card, but you should consider always having a spare one on hand to use if this happens again or to refer a friend and you can replace it. Take a serious look at how personal info about you is displayed online.

@Cappybye they are getting approval... by the person, impersonating the customer

Anonymous
Not applicable

@Cappybye wrote:

I can't understand why any company would release a phone number to another carrier without first getting specific approval from the customer. It's not like it's something we do every week. 


I hope you've locked down all your financials before coming here to continue the discussion.

 

There are two crimes at play here. One is using your login credentials that _may_ have been acquired in that data breach to log in and switch the SIM #. Now they're using your phone service. They can then go to financial places using your phone number to fish for passwords if you set up verification using your number.

The next crime is fraudulently porting out your number (iirc this hasn't happened to you). Once they've logged in to your account, they have all they need to port out your number. If they didn't do the first step then you would see the meaningless port warning which lets a port continue by default. If they did that first step then you wouldn't be any the wiser if they did this overnight when _most_ people are sleeping not aware that their phone service just died.

 

A confirmation text for a port out was tried a few weeks ago but then yanked back. I don't think anyone knows why.

 

An idea to require the account PIN at SIM-swap has been floated. But unfortunately, things change at a snail's pace around here, if at all.

 

So I say they are aiding and abetting crimes by not doing anything about these actions.

Cappybye
Good Citizen / Bon Citoyen

I can't understand why any company would release a phone number to another carrier without first getting specific approval from the customer. It's not like it's something we do every week. 

@Cappybye 

https://www.cyclonis.com/how-to-check-if-you-were-affected-by-koodo-data-breach/

 

If you would like some security, I suggest following these instructions:

 

  • create an email strictly for Public Mobile
  • change your name and address on your self serve account
  • don't use your personal email password for the PM website
  • don't use a password manager (Chrome, Safari, etc. browsers)
  • don't use your cellphone number as a 2FA for banks, PayPal etc.

Cappybye
Good Citizen / Bon Citoyen

How are individuals able to jack a SIM card without the current carrier releasing the number? I made an eBay/PayPal purchase at 9pm, and this happened at 1:30am. I assume this is somehow related, so that's pretty fast.

Cappybye
Good Citizen / Bon Citoyen

What access does this give hackers exactly? They got into PayPal but what about banking apps and email?

Cappybye
Good Citizen / Bon Citoyen

The numbers don’t match. I already tried re-entering my actual SIM number but it says it's incorrect or already in use. So I just suspended my account.

Triguy
Mayor / Maire

esjliv
Mayor / Maire

Hi @Cappybye, This does sound like a case of SIM-Jacking. So sorry to hear this.

 

Do you have any calling or texting services?

 

Check your self serve account and see if the last four digits of your SIM card match the actual four digits of your SIM in your phone. If they do not match, then SIM-Jacking fraud has taken place.

 

Let the PM moderators know about this, contact them via private message here:

https://productioncommunity.publicmobile.ca/t5/notes/composepage/note-to-user-id/22437

 

In the meantime change your self serve password, and security questions.
