Your mobile phone account could be hijacked by an identity thief

Share This Page

A few weeks ago an unknown person walked into a mobile phone store, claimed to be me, asked to upgrade my mobile phones, and walked out with two brand new iPhones assigned to my telephone numbers. My phones immediately stopped receiving calls, and I was left with a large bill and the anxiety and fear of financial injury that spring from identity theft. This post describes my experiences as a victim of ID theft, explains the growing problem of phone account hijacking, and suggests ways consumers and mobile phone carriers can help combat these scams.

My Experiences as a Victim of ID Theft

One evening my mobile phone stopped working mid call. After discovering that another phone on my account also had no signal, I called my mobile carrier on a landline phone. The customer service representative explained that my account had been updated to include new iPhones, and in the process the SIM cards in my Android phones had been deactivated. She assumed it was a mistake, and told me to take my phones to one of my mobile carrier’s retail stores.

The store replaced my SIM cards and got my phones working again. A store employee explained that a thief claiming to be me had gone into a phone store and “upgraded” my two phones to the most expensive iPhone models available and transferred my phone numbers to the new iPhones.

I called my mobile carrier’s fraud department and reported what happened. The representative agreed to remove the charges, but blamed the theft on me. When I asked how the store authenticated the thief, he told me that employees of stores owned by the mobile carrier would have asked for the account holder’s photo ID and the last four digits of their social security number, but if the theft occurred at another retailer, that might not have happened.

I logged in to my online account, changed the password, and added an extra security PIN recommended by the fraud department. I then logged on to the Federal Trade Commission’s identitytheft.gov website to report the theft and learn how to protect myself. Identitytheft.gov is a one-stop resource for identity theft victims. It includes step-by-step instructions and sample letters to guide victims through the recovery process. Following the Identitytheft.gov checklist, I placed a fraud alert and obtained a free credit report. I also prepared an identity theft complaint affidavit, which I later printed and took with me to my local police station when I filed a police report.

I called my mobile carrier back several times over the next few days to finish cleaning up this mess. One of my phones had ended up with the wrong phone number and the other one no longer had voice mail. A few days later I received an email about mobile phone insurance that the thief had apparently added to my account. After three trips to my carrier’s retail stores and many hours on the phone, my carrier eventually fixed all the problems and refunded the fraudulent charges.

I was interested in learning where the theft had occurred and how much of my personal information was in the hands of the thief. Section 609(e) of the Fair Credit Reporting Act requires that companies provide business records related to identity theft to victims within 30 days of receiving a written request. So, following the template provided by Identitytheft.gov, I wrote a letter to my carrier requesting all records related to the fraudulent upgrades on my account. After about two months my carrier sent me the records. I learned that the thief had used a fake ID with my name and her photo. She had acquired the iPhones at a retail store in Ohio, hundreds of miles from where I live, and charged them to my account on an installment plan. It appears she did not actually make use of either phone, suggesting her intention was to sell them for a quick profit. As far as I’m aware the thief has not been caught and could be targeting others with this crime.

The Growing Problem of Phone Account Hijacking

Records of identity thefts reported to the FTC provide some insight into how often thieves hijack a mobile phone account or open a new mobile phone account in a victim’s name. In January 2013, there were 1,038 incidents of these types of identity theft reported, representing 3.2% of all identity theft incidents reported to the FTC that month. By January 2016, that number had increased to 2,658 such incidents, representing 6.3% of all identity thefts reported to the FTC that month.  Such thefts involved all four of the major mobile carriers.

Identity theft reports to the FTC likely represent only the tip of a much larger iceberg. According to data from the Identity Theft Supplement to the 2014 National Crime Victimization Survey conducted by the U.S. Department of Justice, less than 1% of identity theft victims reported the theft to the FTC.

Media reports on mobile phone account hijacking provide more evidence of this problem. A 2013 Forbes article reported that the government had seized over 5,500 phones from a Michigan operation that allegedly acquired them fraudulently from AT&T, Verizon, Best Buy, Radio Shack, and Apple stores and was shipping them overseas. The article reported that thieves used stolen identities to upgrade phones and add phone lines to existing accounts. In February 2015 more than 50 customers in the Denver area complained that Verizon had charged them for iPhone 6s, iPads, and new service plans they had not ordered. A North Carolina church received an AT&T bill for 17 iPhones purchased by an identity thief. In December 2015, four suspects were charged with using fake identity documents to purchase iPhones at AT&T stores in Kansas. In April 2016 three people arrested in a traffic stop in New Jersey were found to have fake IDs with the names of identity theft victims that they had used to fraudulently acquire iPhones. In May a man was arrested in Oregon for trying to buy four iPhones at a Verizon store using a fake ID. The man had previously been arrested twice on similar charges.

The Identitytheft.gov reports indicate that it is common for thieves to hijack a mobile phone account and also open other accounts in the victim’s name, days or weeks later. These are often mobile accounts with other carriers or credit cards for retail stores. In addition, some victims reported that identity thieves also changed the email addresses associated with their financial accounts.

Some victims did not have their mobile account hijacked, but instead received bills or calls from bill collectors about accounts with other carriers that identity thieves had opened with their names.

Most of the account hijackings likely occurred without the victims having provided information to fraudsters themselves. There are a number of reverse-lookup websites that will identify the carrier associated with any US phone number for free. Some will also identify the name of the subscriber and their city and state for free, and will sell the complete address for less than a dollar. There are also black market websites that sell dossiers that include social security numbers.

Other victims have also recounted falling for a phone scam in which the caller impersonated a representative from their mobile carrier. One victim reported that before their account was hijacked, a caller fraudulently claiming to be from their mobile carrier told them that their phone service would be down for 24 to 48 hours. Another victim reported that that a phony representative from their carrier’s fraud department called them and asked them to read back a code that had just been texted to their phone. When the victim complied, the fraudster was able to impersonate the victim and make unauthorized changes to their mobile account.

Perhaps most insidious, some thieves use their victim’s hijacked phone number to gain access to financial accounts that use two-factor authentication through text messages. This is known internationally as a “SIM swap” scam, or “SIM splitting.” The New York Division of Consumer Protection also warns about this scam on their website.

Thieves first purchase the victim’s bank account info or acquire it through a phishing attack. They may also look for publicly available information about the victim on social networks that can help them answer security questions. Then they impersonate the victim and call the victim’s mobile phone company to report that their phone has been damaged or stolen and convince the company to cancel the SIM card and activate a new SIM card with the victim’s phone number in the thieves’ phone. The thieves are then able to make bank account transfers, responding to phone calls and text messages directed to the victim’s phone number in order to complete the transactions. The victim’s phone stops working as soon as the SIM card is swapped. It usually takes them several hours or days to get their phone service restored, and longer to notice that their bank account has been emptied.

Industry experts I spoke with at a company that provides authentication services for mobile banking told me that SIM swap scams have become common in Europe and are increasing in the United States. In addition to obtaining information through phishing attacks, they told me that fraudsters often purchase victims’ information from black market sellers, or from rogue employees of financial institutions or mobile carriers. Unfortunately, there is little a consumer can do to prevent this.

What You Can Do

I asked all the major mobile carriers what consumers could do to protect themselves from a mobile account takeover. One of the most important steps you can take is to establish a password or PIN that is required before making changes to your mobile account. Each of the carriers offers this feature to their customers in a slightly different way.

AT&T offers a feature they refer to as “extra security.” Once activated, any interaction with AT&T, whether online, via phone, or in a retail store will require that you provide your passcode. You can use your AT&T online account or the myAT&T app on your mobile phone to turn on extra security. Note, that when you login online with your passcode, you may be presented with the option to not be asked for it again. Do not accept this option or you will disable extra security.

Sprint asks customers to set a PIN and security questions when they establish service with Sprint, so no additional steps are needed to use this feature.

T-Mobile allows their customers to establish a customer care password on their accounts. Once established, customers are required to provide this password when contacting T-Mobile by phone. To establish such a password, customers can call T-Mobile customer service or visit a T-Mobile retail store.

Verizon allows their customers to set an account PIN. Customers can do this by editing their profile in their online account, calling customer service, or visiting a Verizon retail store. This PIN provides additional security for telephone transactions and certain other transactions.

Using this extra password or PIN is a good idea and should help reduce your risk of mobile account takeovers. However, it does not offer complete protection, so make sure you remain alert for phishing attacks, protect your financial account information, and examine your mobile phone and credit card bills carefully every month for signs of fraud. If your phone stops receiving a signal and says “emergency calls only” or “no network,” even after you restart your phone, contact your mobile carrier to see whether your account has been hijacked.

What Mobile Carriers Should Do

The mobile carriers are in a better position than their customers to prevent identity theft through mobile account hijacking and fraudulent new accounts. In fact, many of them are obligated to comply with the Red Flags Rule, which, among other things, requires them to have a written identity theft prevention program.

Carriers should adopt a multi-level approach to authenticating both existing and new customers and require their own employees as well as third-party retailers to use it for all transactions.

Having a mobile phone account hijacked can waste hours of a victim’s time and cause them to miss important calls and messages. However, this crime is particularly problematic due to the growing use of text messages to mobile phones as part of authentication schemes for financial services and other accounts. The security of two-factor authentication schemes that use phones as one of the factors relies on the assumption that someone who steals your password has not also stolen your phone number. Thus, mobile carriers and third-party retailers need to be vigilant in their authentication practices to avoid putting their customers at risk of major financial loss and having email, social network, and other accounts compromised.

The author’s views are his or her own, and do not necessarily represent the views of the Commission or any Commissioner.

Comments

Here is the scenerio that has taken place recently. I own a retail shipping store. An individual from Texas wanted to open a private mail box here with mail forwarding for his business specializing in trading. The individual followed proper protocol by filling out the necessary documents having the documents notarized along with his id's. He never received mail here but he started receiving FedEx overnight packages here. He failed to notify us he would be receiving packages in other individual's names before we received our first package. When we received the first package we attempted to contact the individual the package was addressed to using the phone number on the shipping label. That number not the correct number for the name on the shipping label. We decided prior to refusing the package and returning to the sender, which was the AT&T distribution center in Fort Worth, TX, to open the packing list to see if we could find the person the package belonged to. The packing slip showed that the package contained an ipad and listed a cell phone number associated with the ipad. We contacted that number and finally located the individual the package was addressed to. The person confirmed they did not order the ipad and asked us to refuse the package and RTS. In the interim, my mailbox customer called to tell me he would be receiving a package for a person he was working with and gave me the tracking number. It was the same tracking number for the package containing the ipad. My mailbox customer wanted us to forwards the package to him in NJ where he was currently working, gave the address to send it to and a credit card for forwarding fees. My employee almost forwarded the package before I could alert my staff to this potential fraudulent activity. I never forwarded the package to my mailbox customer but RTS'd it. The same thing happened the next day with a cellphone. Using the same steps to track the person that package actually belonged to, that person confirmed they did not order a new cell phone and the phone actually was registered to his business. My mailbox customer called me regarding this package providing tracking number as well and I was supposed to forward this package to my mailbox customer in NJ. He claimed it was for his employee. I never sent the package to my mailbox customer, I RTS'd it. In both instances, if I had not been diligent these to people would have lost not only their cell service but probably much of their identity. I have tried to report this to AT&T but they are impossible to work with. I suspect this is an inside job through their call centers or vendors. They tried to blame a shipping error. Maybe once but not twice and especially not when I am telling them my mailbox customer is unknown to the victims and also requesting me to forward the packages to NJ. I dissolved my service to this person immediately but I am sure they will find another way to make their scam work.

my verizon account was hacked, the person had got my email address from Linked, logged onto my Verizon account, requested an updated pin then somehow to the account as a pingerprint user. The hacker then got access to my yahoo account and locked me out. Verizon veified the online request. now the hacker has conrtol of my phone.

My ex-boyfriend has stolen my identity and for almost a year has highjacked at least a dozen phones. He changes all my passwords and locks them so that I can not recover any of my accounts. I have reported these incidents to all my carriers, I keep changing them and they say there is nothing they can do;. I have even reported this to the police on several occasions. They haven't got a clue. I have also filled out the FTC's ID report and am following their instructions for future prevention. Right now he has 3 of my brand new phone numbers and has a mobile hotspot going. The worst is he reroutes my phone calls and text messages. He has me completely cut off from my friends and family. This is called abuse but the authorities don't seem to be interested. if anyone can provide me with advise I would gladly appreciate it.

This sounds very familiar!!! You are right that the police have no clue!

Can anybody answer me, if i didnt uninstall whatsapp and hike accounts for several months and by the this time my sim gets deactivated and that number gets transferred to some other person, what will happen to those accounts if that persons freshly links that number with these accounts?

We have T-Mobile and there is more then one assigned to our plan, I got administrative rights to speak on the behalf of the account holder due to language barrier. I assigned one more person and he uses Google # mainly but has the number assigned to him by T-Mobile which came up in a strange text message to me stating that cell tower with particular crying out IMEI number was successfully reassigned from that number to mine. I have been kind of suspicious that I may have him spying on me but don't know how to prove it. Is there a way how to do that considering that the Google number is used majority of the time and possibly is the culprit

_YEARS_ later - This happened years ago, the comments are still coming in about this happening to more people. It's amazing (in a bad way) that even after it happens to the CTO of the FTC, the government still has nothing in place to stop carriers from allowing this to happen. Unless the carriers are made to feel the pain (read: $$$) for this sort of thing, they have no incentive to stop it from happening. Another example of how lobbyists own legislation. Bummer.

I am a sprint customer. Yesterday my phone stopped working. I was no able to use anything, no internet, no phone calls, no service. After that I called customer service and I get to know someone switched my phone number to a different device. They did that through chatting with a rep. My number was connected with another device not even listed on the account. My question is: Are the cellphone companies allowed to make this big changes on the account without confirming if you are the holder of the account? It is completely unprofessional to me to do such a thing. If anyone has a suggestion of what should I do.

I need help as this is happening to me now and my carrier t mobile is treating me like I am crazy and denying they allowed someone to do this to me....pls help I'm starting to think I am crazy!

After visiting a T-Mobile store, my email was illegally accessed. What makes me most angry, purchasing a phone there, required me to give their employees, all the information needed to impersonate me.

I just found out sprint gave someone an account who gave them my ss number. Since the perp was a man, no one can explain how he opened the account without a pix id. Its been a hassle

This happened with me 3 days back. My case is severe. An individual called my service provider (T-Mobile) and asked to port my number to Sprint. According to T-Mobile he provided all required info so they took the request and processed it. I got to know only when my mobile stopped working and I called T-Mobile.On top of this he had my email accounts. My phone number was set as recovery option on my email accounts. He started changing password on my email accounts. I lost 3 of my accounts and finding no ways to recover back. This individual picking call on that number and pretending to be me.

When I went to police they told me it not a police case. It is between you and service provider. Service provider is telling they need police report to block this number. I stuck and not sure what can I do.

When I went to identitytheft.gov I did not see any option which covers my case.

I have put securiy freeze and locked my credit. Not sure what else should I do.

Please advice.

Several years ago, something similar happened to me. I had a Straight Talk Home phone. At the time, I was also involved in a civil case. Several months in, the case took a significant turn for the worse. At first, I thought it was just bad luck...until the next week when I went to put money on my home phone. While calling customer service from my home phone, I was informed that my number wasn't my number anymore. Upon further questionning of Straight Talk and the other company involved, I found out that not only was it was transferred to an Altel device a week before the previously mentioned court date, but that it was also active on both my side and the Altel side! Whoever had the Altel device was able to listen to all of my conversions (including private conversations about the case). Altel had the name of the person that ordered the transfer (they confirmed the gender and that the name did not match mine) but refused to release the name to me. They stated that it was protected under privacy laws and could not be released without a court order. I reported the incident to the police, but they wouldn't do anything without a name. I eventually won the case, but the person that did this never faced any consequences for their actions.

Since Mar 2017 someone, thing or group has been remotely accessing my phone. My passwords and recovery methods were changed, Could not access my Yahoo, Gmail, Facebook, Spectrum, and Chase. An online access with my phone carrier authorizing themselves as primary, I would disconnect line and they would just connect it right back, Felt like whatever I was looking at was being manipulated somehow. Luckily I was smart enough to back up my photos but those were eventually deleted everything was. My privacy had been violated and since they still had my accounts they had my pictures, I started investigating I would screen shot some activities and things i would uncover. Day by day seemed seemed to get worse, felt like i was going crazy! I ended up closing my bank accounts and locked online access to everything else. I could talk until I was blue in the face with Tmobile they did not help or offer any solutions not even tech support, after 10+ years of being cusomer I left T-Mobile. I would submit claims with Chase and report everything yet they never noted my account and would make me feel like I was the issue, up until 2 days ago they finally put extra security and noted my identity theft and the agent told me that my account had been accessed many times but wasn't told, now I know why they sent me a new card. Im getting phone calls claiming too be Chase but aren't. I'm now with ATT and This NIGHTMARE still goes on but this time besides me saying it finally someone else sees it (att agent) they just can't seem to figure out who I would do the warranty claim with.. uhhh hmm ok! I figured out a lot understand more and more and with no help from these companies, so if someone is accessing my log in to chase wouldnt that mean they can access anyone elses accounts? I still continue to investigate and record and screenshot everything. Samsung showed me how to wipe caches internally i see these logs, went through them and I see NOTICE, NOTICE, NOTICE report this immediately to your vendor. Haha! yeah already did. Thats all a support tech had to do but facory resetting your phone fixes everything! Ridiculous really...

Since Mar 2017 someone, thing or group has been remotely accessing my phone. My passwords and recovery methods were changed, Could not access my Yahoo, Gmail, Facebook, Spectrum, and Chase. An online access with my phone carrier authorizing themselves as primary, I would disconnect line and they would just connect it right back, Felt like whatever I was looking at was being manipulated somehow. Luckily I was smart enough to back up my photos but those were eventually deleted everything was. My privacy had been violated and since they still had my accounts they had my pictures, I started investigating I would screen shot some activities and things i would uncover. Day by day seemed seemed to get worse, felt like i was going crazy! I ended up closing my bank accounts and locked online access to everything else. I could talk until I was blue in the face with Tmobile they did not help or offer any solutions not even tech support, after 10+ years of being cusomer I left T-Mobile. I would submit claims with Chase and report everything yet they never noted my account and would make me feel like I was the issue, up until 2 days ago they finally put extra security and noted my identity theft and the agent told me that my account had been accessed many times but wasn't told, now I know why they sent me a new card. Im getting phone calls claiming too be Chase but aren't. I'm now with ATT and This NIGHTMARE still goes on but this time besides me saying it finally someone else sees it (att agent) they just can't seem to figure out who I would do the warranty claim with.. uhhh hmm ok! I figured out a lot understand more and more and with no help from these companies, so if someone is accessing my log in to chase wouldnt that mean they can access anyone elses accounts? I still continue to investigate and record and screenshot everything. Samsung showed me how to wipe caches internally i see these logs, went through them and I see NOTICE, NOTICE, NOTICE report this immediately to your vendor. Haha! yeah already did. Thats all a support tech had to do but facory resetting your phone fixes everything! Ridiculous really...

Same story to me twice in two weeks. Even after pages of fraud alerts and requirements to show id in store, Verizon disconnected and ported out my number after notes indicated that caller asked for it to be"disconnected" I have been told by Verizon that it is against federal law to Port any number that is not "active". Can anyone help provide me with the statute for this? I let it go the first time, but even after the notes, freezing of my numbers, and porting of disconnected number, I have to assume I have a case at this point. Thanks in advance

MetroPCS - MetroPCS - MetroPCS - MetroPCS - MetroPCS - MetroPCS - MetroPCS - MetroPCS - MetroPCS -
Apparently data was stolen from MetroPCS in Nov 2015 "data was left exposed online by a security flaw in the MetroPCS payment page, potentially allowing cybercriminal to steal the identity of customers, hack into their email or bank accounts through social engineering, or, worse, stalk them in real life." Someone has transferred my number to another phone and is trying to reset passwords for my Paypal account. MetroPCS has no method in place to put a hold on the account.

On Friday, a guy walked into a T-Mobile store with a fake ID with my information on it. Apparently it "passed" the UV light test, although the store said the photo looked a bit strange. He attempted to "upgrade" my phone to a new iPhone. Luckily the sales rep at the store asked a simple question: "How many lines are on your account?" He answered "Just the one." I have multiple phones on my account, and so they denied selling him a phone with my information. Shortly after the incident, my wife received a phone call and informed her and I about the attempt. The sales rep and store manager were very responsible, and I'm very pleased I received that phone call. I immediately added a password to my t-mobile account. As I know my information was part of that which was stolen in 2015 from the T-Mobile/Experian data breach, I suspect that is where he got my information. As it did have my correct address and other information on the ID. I'm very happy that t-mobile found something about the ID or man suspicious and prevented him from purchasing a phone on my account.

A Verizon employee after hanging up with me changed my 4 digit pin - wrote in their log that my wife called in to change our pin and then proceeded to port out my cell number. My wife did not call and their records indicated no other calls were taken by the employee. 20 minutes later my phone was assigned to Metro PCS and someone entered my credit card into apple pay on the phone and attempted to purchase an iphone from Best Buy. My credit card company declined the transaction. The thief called my credit card company and verified my account by receiving a text message with a code and then proceeded to change our account password. Another attempt was made to purchase the phone but it was declined again. The thief again called my credit card company and made a $150 deposit into my account as a good faith gesture. They then made another attempt but was turned down again. We received a call from our credit card company and explained the situation. The thief also was able to get into both of our verizon.net email accounts and change the passwords within 30 minutes of our phone being ported out. It took 4 days before my cell number could be returned to me.

So i know this is late, but as a victim it's not to fix this.
They should just keep a picture of you on file. The YMCA does it, it's not that hard. When I told this to VZW they were like that's a great idea, I'll pass that on to my manager.

As for over the phone stuff, you can record voices. The agent can put the caller on hold, listen to a previous conversation and determine within reason if the voice is close.

Btw, they ended up unfreezing my credit freeze even though they didn't have my pin (they get past my Verizon pin easily) after unfreezing everything they opened accounts, sold my stocks and bought a car. Thanks a lot credit bureaus, it's like you never heard of identity theft before.

At at&t I believe they make you bring in your current device or Sim if you want to change devices. Wish everyone would do that.

That's amazing that the FTC Chief Technologist was a victim of a scam like this! Pretty crazy! Makes you wish the phone company would have checked a drivers license of required some sort of identification in order to swap the phones!

I have been using an unlocked iPhone SE I got brand new from Apple on a pay as you go carrier for about 6 months. Suddenly I was told I cannot use it anymore. It had been blacklisted by a different service provider because the IMEI number is associated with a fraudster there. The weird thing is the number got blacklisted in August when Apple still had the phone. I believe it is a clerical error made by someone at the carrier, however I am having trouble getting it resolved. I am not their customer and they think some guy committing fraud physically had my phone in or prior to August. I am now wondering if the IMEI number could've been stolen from that phone. But it doesn't make any sense. I have made many phone calls to my pay as you go carrier and to the carrier that the fraudster had an account at (but I never had an account there) and to Apple, who even got their engineers looking into this. I am going in circles and I am wondering if this will ever get resolved. Any advice is appreciated.

Sprint obviously violated the red flags rule. They allowed someone in FL to setup 9 lines of service and purchase equipment under my name and SSN. Should have been obvious on credit check. Even the collection agency said so. Irreparable damage to my credit. I need a lawyer.

What about Appearing as calling from a number????

I filed a dispute with att and had complaint with FCC ... att said to the FCC that they would address it in arbitration . I had to represent myself and they did not address it and they tried to say I was harassing them . That's where I am no

I not only had my phone hacked, but the hackers got to my bank account as well. Under both circumstances, 2 red flags had gone off that should have prevented the third attempt of reaching my accounts. Call your carrier and bank account to set up new features, such as a physical token to use to access your bank account, and a 6 digit PIN instead of a 4. Unfortunately my PIN for my cell carrier was defaulted to my last 4 of my social. Use the check fraud check list to prevent future hacking.

My Highjacking story. First they placed a change of address for my home. Fraudsters then called several credit card companies including B of A and were able to request new cards on my B of A which were directed to the highjacked home address.

After receiving the B of A credit cards, they hijacked my phone and then activated the cards and charged thousands at Walmart and various Targets in the los angeles area. When B of A called me to verify the transactions, they of course had my phone and verified them. B of A put a hold on the card at 3500.00.
They also accessed my online B of A banking by using SafePass, credit card number and my SSN. Bypassing the need for my user id and password. Having my highjacked number allowed them to get the SafePass code.
They attempted an 8500 transfer (which was not authorized by B of A).

Bottomline, beware of SafePass to your phone. Suggest a burner phone receive these which is not traceable by anyone (unless you lose the phone,) Also, emails with your safepass could be a vulnerable point. I have created an dedicated email only for 2 step verification codes to reduce the exposure factor. Good Luck.

If someone has a prepaid service like StraightTalk and buys activation codes instead of using automatic renewal, would that help limit hijacking?

If someone has a prepaid service like StraightTalk and buys activation codes instead of using automatic renewal, would that help limit hijacking?

People keep sending unwanted advertisements on my cellphone how can I stop this mess from happening to my phone

I agree with that it is too easy for an identity thief to port my cell phone number to themself and neutralize all my accounts that use text messaging for 2 factor authentication which is supposed to "increase security".

please, FTC, don't make it so easy to port a cell phone number!

All of this has happened to me also . I sympathize with all of you as I have dealt with this for three years ... Att is worse than the purprtrator . Att is committing a crime . Currently have been made aware of the account number of my online account and I have the password ... it is a business account with my phone number ... I am not sure what to do next s. I beleive that a tax Id for myself or my daughter set up a business account and this is attached to my home equity line of credit and my ex is actually filing a tax return for this mystery business account . I am not sure what my next move is but I have to train mysleld not to be in fear of Att !

I have been going CRAZY for 3 weeks now, I was/am hacked. How do I fix this problem? Now my phone's telling me that, this is NOT my phone!? Who can fix this problem for me? HELP ME PLEASE.

I went into a local convenience store and wanted to pay for my breakfast samich with my Visa card because I had walked out of the house without cash. Apparently, the chain of stores had added a new level of "secure" authentication, the clerk explained, by entering into the cashier's terminal the customer's 3-digit security code from the back of the card. I hesitated, but held up the card to the clerk so that he could read the number, rather than me read it aloud because several customers behind me would have overheard it. The clerk then says aloud, "Okay, let's see.....um, 6-8-7" and punches it in. I went ballistic that he had read it loud enough for the whole line to hear! I complained to the manager and went home and canceled the card. Be careful, folks!

I am dealing with right now someone somehow transferred my tmobile phone number to a verizon number and somehow used my verbal password???? HOW??? you have to speak to someone to do that?? So now they tell me i should call and have verizon transfer back the number, HA...VERIZON does not have my number to that account. So they cant...cause they dont know how. Tmobile says it is not a smart phone which my phone is a smart phone. SO can they get their act together?? 15 years and NEVER had a problem.

Having a pin is not enough, if they have two fake IDs and present them to the store the customer service rep can bypass the pin, which is so dumb it doesn't make sense but that is what my carrier told me, I have tmobile

Pages

Add new comment

Comment Policy

Privacy Act Statement

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system (PDF), and user names also are part of the FTC’s computer user records system (PDF). We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.