cancel
Showing results for 
Search instead for 
Did you mean: 

Unauthorized SIM Swapping (Koodo prepaid)

Kristowhy
Model Citizen / Citoyen Modèle

This is a head's up for anyone here who has or knows others with a Koodo prepaid account to be on the lookout for possible unauthorized SIM swapping of their account.

 

So far 3 different Koodo prepaid users have been affected by the SIM swapping attacks which took place just a few days ago.  According to one affected user, an internal investigation has begun.   

 

For more info/details check out this thread:

https://community.koodomobile.com/prepaid-79951/unauthorized-sim-swap-on-koodo-prepaid-7814679

 

PS:   Make sure 2FA (2 factor authentication) is enabled on your PM account in addition to having a strong password. 2FA should also be enabled on the email account (Google, Outlook, etc) used for your PM account as well.

13 REPLIES 13

Kristowhy
Model Citizen / Citoyen Modèle

After about 4 week from these incidents, Telus/Koodo has finally rolled out 2FA like we have here at PM.  A step in the right direction...yay!

 

What's also interesting is that the Koodo prepaid selfserve site is now identical to that of PM....but with slightly different shading and pics.  

Screenshot_20220915-224026.png

Kristowhy
Model Citizen / Citoyen Modèle

Sadly this situation seems to be getting worse as the weeks roll by with more victims posting.  One affected user has now moved all his business and lines away from Telus.

 

The recent updates in the thread below are quite alarming!

 

https://community.koodomobile.com/prepaid-79951/unauthorized-sim-swap-on-koodo-prepaid-7814679/index...

 

 

gpixel
Mayor / Maire

I suggest everyone to change their passwords. there could be a new security breach with credentials leaked. the same thing happened back in feb/2020. PM still hasn't said anything, but we were directly affected by it. that is why all these new security features were implemented into PM. the issues the customers are having are very similar to the issues we had here.

 

this could also explain PMs system outage. these dates seem to be very close to eachother...

Kristowhy
Model Citizen / Citoyen Modèle

@BKNS27 yeah a few affected users were saying that days ago...it's entirely possible.  

 

@softech yeah fingers crossed!  No matter how much security tech is implemented, the weakest link always involves people.

 

thanks @Kristowhy for the update

 

Now, I hope PM and Koodo are using a separate call centres and they will start hiring "smarter" reps

Inside job then

Kristowhy
Model Citizen / Citoyen Modèle

@softech @darlicious 

 

UPDATE: the main thread (in my OP) has been further updated by those involved with some pretty eye opening contents...  😲

 

simswap.jpg

 

Kristowhy
Model Citizen / Citoyen Modèle

@softech here are another two victims in another thread.  Yikes!  

 

https://community.koodomobile.com/other-80596/account-hacked-sim-swap-7814829

 

First user their email was hacked.  Second user their SIM was changed without any warning or confirmations.  Both used Newton (crypto) and suffered financial losses.  😐

 

BKNS27
Mayor / Maire

@Kristowhy 

It could have been an inexperienced Koodo operator that didn’t complete the credentials screening.

Good thing PM have a 2FA and online chat and private messaging to screen all credentials before allow access to accounts. Also not under pressure over the phone to allow for SIM swapping.

But nothing is full proof though.

Community_QA
Model Citizen / Citoyen Modèle

@Kristowhy Koodo still has no 2FA?  did Koodo update their Self serve like us?

 

Kristowhy
Model Citizen / Citoyen Modèle

@softech wrote:

second time in 3 days, it looks like a targeted attack.. or there are some unsafe apps on the phone?


Hard to say, but what's concerning to me is that two of the users did not receive any emails with the 2FA codes that should be sent out when a SIM card change is done via the online account.  It seems they just received the email notifications that a SIM change was done and nothing else. 😐

 

Koodo/Telus really needs to upgrade the Koodo prepaid selfserve site ASAP with 2FA like we have here with PM.

 

 

softech
Oracle
Oracle

second time in 3 days, it looks like a targeted attack.. or there are some unsafe apps on the phone?

 

Anyway, better be very safe and be careful 

 

Thanks for the heads up @Kristowhy 

Need Help? Let's chat.