cancel
Showing results for 
Search instead for 
Did you mean: 

pretty sure i got hacked

smarsden
Good Citizen / Bon Citoyen

its 3am now est,around 1:15am my phone stopped working,wouldnt text,wouldnt call,kept coming up not registered on network,approximately 2 minutes later my outlook is being flooded with spam my account has been registered to and over 6 thousand dollars has been charged to my paypal,which i've been locked out of and cant get access due to them trying to send the second security number via text,im freaking out as im a guy on welfare for christ sakes and sure as hell dont have 6 grand and i cant even call anyone to help,i need help with whatever is wrong with my phone so i can stop me losing my home to god **bleep** hacker,please help!

13 REPLIES 13


@darlicious wrote:

There is a series of questions they ask you regarding you personal history that a fraudster would be hard pressed to know even if they had your entire identification (as they had all of mine except my SIN #.)Your financial institution cannot help you in this situation (with Equifax and Transunion.)


Your financial institution can look at your ID, look at you, ask their own questions, confirm that you are indeed who you should be. Then smooth the way through any other identify verification mechanisms which will confront you - they vouch for you, they are considered a reputable agency, they can help you navigate through this unfamiliar new (and stress-inducing) minefield, they can help you batter through any obstacles (false information, etc) the criiminal has installed.

 

I suppose there's lot of different defenses, just as there's lots of different attacks. It's a delicate subject which must be handled delicately. Fallback questions and answers are often unreliable, few people have perfect memories of details they considered unimportant many years ago.

What was your address and phone number in 1992? Who were your employers in 1994 and what were their contact numbers? Do you remember the date you opened the account ten years ago, the dates and amounts of the last transactions you did with it? Chances are the identity thief can answer at least some of these questions better than you can.

 

This is probably made worse because old records are not stored in computers. And new records are stored in a cloud which could have been seized out of your reach.

@Korth 

When you put a fraud alert on your file with Transunion and equifax it requires all credit requests to be approved by you alone with the credit issuer given a phone number supplied by you from the 2 credit reporting agencies. There is a series of questions they ask you regarding you personal history that a fraudster would be hard pressed to know even if they had your entire identification (as they had all of mine except my SIN #.)Your financial institution cannot help you in this situation (with Equifax and Transunion.)

If communications have been compromised then you'd probably be better off going to the bank (with your ID) in person. They can do a lot more with credit agencies (like Trans Union and Equifax) then you can since they can vouch for your identity. Financial institutions have mechanisms in place to secure legit customers, control the damage, and actively monitor against future intrusions. They take fraud (and claims of fraud) very seriously.

 

You may have less access to your own identity, accounts, records, etc than the criminals who stole it from you when you're online. So you should reclaim and secure anything you can (change passwords, PINs, secret questions/answers, etc) as quick as possible but also establish your presence offline as quick as possible.

@kb_mv I just read this.  thank you for your very informative response.  👍 🌹

carlaspapa
Town Hero / Héro de la Ville

I have just learned about this thing how about Sim jacking. I don't have any verification code setup I only have an online bank I use the koho card. But I have a good password for my email and a different one for my Bank and it's not associated to my phone number. This is a good thing to learn about since I'm just new to doing things online.

For everybody reading this thread I offer the following as food for thought, hopefully getting people to think about their online presence.

 

The first issue is how did whoever sim jacked you get your account info including PIN that allowed them to port out your number? Figuring this out could help you to minimze the damage.

 

Second, a lot of people tend to use the same email/user name and passwords over a number of accounts. Now I admit I do the same to a limited extent. But I differ from most in the following:

 

1. My actual email accounts have a different, more difficult password than that used on sites like here.

 

2. My government accounts have a different username and a different difficult password from my emails.

 

3. My work accounts have a different username and a different difficult password than any others I use.

 

4. My banking has the toughest and longest passwords of all.

 

While on the topic of banks, having your number stolen doesn't give someone access to your bank accounts or anything else. The thieves have to know what bank you use and in my case the client card number used for sign in before they can try the lost password link. Assuming they have that info, they cannot get a password reset sent to them because I do not use my phone number on any accounts to get password resets sent to . None, nada, zero. In my opinion tying your phone number to any account is a horrible idea, as we have seen numerous times here. I will receive an email from the bank (see number 1 above).

 

5. I use an authenticator app for 2FA. I have set up all my accounts that allow 2FA to use this. No text sent to my phone number. You have to have the correct app and enter the time sensitive number to allow access. If an app/site determines that sign in is coming from an unknown (to this point) location/device, it asks for the authenticator code. Without it you can't get into my accounts. There are a number of authenticator apps out there and resources explaining step by step how to set it up for your particular account (if available). Yes it take time initially to go through your online life and do this, but I think it's worth it in the long run. If I recall correctly, It took me about an hour to complete when I went this route.

 

Finally, stop giving thieves your life story on social media. Believe it or not there are bots that mine data from social media sites. My fav post is the one that asks you to answer a bunch of seeming harmless questions like what was your first pets name or the name of your favourite teacher. These are the same types of questions that some sites (banks, government etc) use as another layer of security. Don't make it easy for the bad guys.

 

I feel bad for people that have had their lives upended by sim jacking. Hopefully there is a nugget or two above worth considering to help your selves.

treefrog
Town Hero / Héro de la Ville

That's terrible I'm sorry to hear that. Did you get a text from pm about porting out?

smarsden
Good Citizen / Bon Citoyen

no reply from the mod team yet,ill be downloading a phone app now,paypal is just about to open their phonelines and ill be heading for the police station shortly

@smarsden 

Have you had any contact or help? You've got to try and slow them down....contact your bank, Have them put hold on your online banking and your accounts the fraud department is open 24 hours a day. Change your email passwords if they are not already compromised..... create a new email if possible and use it to contact any other compromised accounts and have them put on hold....i hope the @CS_Agent has already been in touch. Keep an eye on the envelope icon next to your avatar at the top right corner of your screen for a little number to pop up indicating a message from the moderators.

 

When you get on top of this come back and if you prefer private message me and I'll give you the rundown on how to move forward and protect your identity.....just get your self covered and your phone number back first.

gpixel
Mayor / Maire

@smarsden 

 

if you have wifi, download and register for text now or fongo for a free Canadian phone number and start calling your bank , PayPal etc

 

call your bank and let them know what happened
call Equifax to restrict any accounts from being made
change all your passwords. keep your public mobile password different than your email etc.
change your 2fa phone number to something other than your personal phone number.
try to trace back any links you've recently clicked on that might of installed malware
check your phone to see if there are any apps you haven't installed and delete them right away

yanzhiqiang
Deputy Mayor / Adjoint au Maire

To submit a ticket to the Moderator Team, please start a conversation with the Public's virtual assistant, SIMon by clicking  "?" at bottom right of your screen.

Need Help? Let's chat.