@@tw8464: Yes -- Sir. This is why the media is in business doing what they do. Their bread is buttered by other jams and spreads from other sources from the nebulous and dubious.
It was probably a manager at the phone store. Worked for a major phone company and the employees were bigger scammers than the scammers that would come in.
There always is an accomplice. Many years ago my boss had her wallet lifted in a store and within minutes several laptops were purchased at a store at least 30 minutes away. The only way this is even possible is with someone working at the Best Buy that rang up the purchases using the stolen CC. I actually got them busted because the idiot pick pocket used her points account to get points. Not a very bright move on her part but greed sometimes makes brains 🧠 not function properly 😂😂
I used my debit card in a long established resale shop and still don't know if the card reader contained a skimmer or somebody nearby with a scanner lifted my info. It was irritating to go into my bank, then wait for a new card, file a police report and file a complaint with my atty general.
You are the exemplification of "with great power comes great responsibility." You have this power and unlike these scumbags, you use it for good *STRONGWIDGET* I just found your page and have been completely enthralled! I love that you're exposing these thieves. I was wondering if these crooks ever go to jail or get fined. Do they? They should!!! Thank you for helping victims of these thieves. Dont stop!!
Yep, reminds me of a complete horror story where a woman went to a gym for a routine workout. The gym's registration thing wasn't working properly, so the staff had guest write down their information. The woman wrote down her information and put her card, apartment keys and cellphone in a locker and locked it. She did the workout routine and after,she went back to her locker and was horrified to see that someone had used a pliers to open her locker and her card, apartment keys, and cellphone were gone. She immediately notified the gym staff who didn't seem very sympathetic. She was able to use a gym computer or something like that and watched in complete horror as her money was rapidly being spent without her being the one spending it. She called her bank using the gym phone number and they weren't very sympathetic to her either. They blamed HER for the theft. 😱 She went on social media and called the news and soon she was told her bank would be reimbursing her stolen money. And the gym admitted they shouldn't have let people register by manually writing down information.
I'm not sure about this, but I think the pressure probably came from social media, and the news took the story to save face for BOA. Seems more likely to me.
Verizon isn't responsible for providing account security for BOA. BOA and ever other bank out there knows that this sort of thing happens yet they continue to force people to rely on their phone for security. That is wrong.
@@stefanpuffer both are responsible. Cellular carrier is responsible for "opening the door" to allow the scam to succeed. The bank is responsible for not allowing other types of security protection (auth apps, their own financial apps, email etc).
Yeah. But the point is she escaped because she wasn't playing their game. If you don't put your data out there, nobody can steal it ...whoever might be ultimately responsible.
Working with the industry where people come to them after being exposed to these guys makes me feel like there is some hope in the tech world. This scams needs to stop and I feel like *Strong widget* on the internet have the power to do it. Keep it up!
They had an ID. A picture ID. You can make one in about 3 minutes. Flash it to the $15/hour clerk behind the counter and bingo, you are all set with you new phone. Sheesh! Do people really think an ID is some sort of security measure ?? Kids have been flashing fake IDs to buy beer for the last 50 years ;-)
It's because the store clerks don't get paid enough to care. A lot of times they do whatever they can to get a commission, because they're surviving on a mere $200 a week without it. "Need a new phone while out on vacation without your ID? Not a problem."
The courage displayed here is truly remarkable. These individuals faced real danger, yet you chose to confront the fraudsters and reclaim their stolen assets. Your commitment deserves great admiration, *Stalwart-Redeem* If law enforcement matched your dedication and ingenuity (not to mention integrity), our country would undoubtedly be a much safer place. Outstanding job!
He is truly exceptional, and his tools are so impressive that I occasionally wonder if he’s even human, haha. The bottom line is that Stalwart-redeem is the ultimate expert in recvering from scaams.
It is their fault yes, but why is the bank relying on Verizon or any other cellular company to provide account security? It's flawed yet the banks continue to do it even though they know the risks.
@@stefanpuffer That's probably because the manager and/or teller were in on it. A transaction that large is supposed to trigger money laundering protections to try to keep the money from going to groups like narcoterrorists or just being used for tax evasion. I'm curious why the bank didn't have proper controls in place to prevent the improper withdrawal. (That's independent of the fact that the person withdrawing the money wasn't authorized to do so in the first place)
The scammer needs a lot more than just going through a two-factor authentication, like the name of the bank, the account information (sign-in name), and then the PASSWORD. They can now do the two-factor authentication. This is so unbelievable, and the lady deserves what she got. Is it really Verizon's fault for the lady to give out all this information?
@@kenough They probably gained access to her email and just plugged it into all the major online banks and ran a password reset request. Once it hit (showing 2FA was required) they had to get the SIM swap done but they were also likely able to get through Verizon security by having her email access.
I stopped giving up my SIM card when I get a new phone years ago. I don;t want even the possibility that my old SIM card is floating around with info on it.
There's a reason thieves and scammers go to Verizon. It's because Verizon allows it to happen just to get a sale. They refuse to ask for ID to prove who the person is. At&t always asks for your ID. So does most smaller cell companies like Mint Mobil. Only VERIZON keeps letting thieves go into their stores and buy phones and phone plans in somebody else's name w/o requiring ID. So the POS criminals know where to go every time they steal a credit card, or get someone's information. Go into any Verizon store and act like you are getting an expensive phone and phone plan. Then see how they NEVER ask for ID. Every other cell phone carrier insists on ID. Why won't Verizon? 🤔
Verizon is using a “privacy” cop out to claim why the won’t release information about their “investigation” of their own mess-ups. In reality, there is no “privacy” issue since the information is being asked by the victim who is releasing Verizon from any privacy concerns.
My sons church brought in traveling evangelist when he was a teen. One would call my son every Friday evening, telling him to leave us and go preach the word. My son asked if I could have his number changed. I called Verizon and they turned his phone off. I had to get him to call them because I bought the phone for him , to have it reactivated they said.... Such a hassle. But worth getting rid of the child predator they' brought to the church..
This almost happened to my mother last year. Her phone shut off, and the thieves ordered a new phone. The reason they could not rip her off was because my mother is older and never does online banking. She doesn't trust it. She also was in touch with the phone company the same day to have the order for the new phone cancelled. She does not use two factor auth. I'm not saying you should not use two factor auth, but in my mom's case, her being old fashioned is what saved her.
Dude. I'm a vet, and nothing I ever did in service compares to the most amazing effort you and your colleagues give to protect and enlighten the public in general to this horrendous threat to innocent people. Much respect For this Grind Techiei guys !!
SIM-swapping is something that has been known as a vulnerability for MFA for over a decade now. What boggles my mind is how many banks still support only text messages as a form of MFA.
My credit union used text codes and I contacted them with my concern that it wasn't the most secure 2FA/MFA method. All I got back was acknowledgement that they got my message.
@@senatedocument2646 Only for login as a replacement for your password login. Does absolutely nothing for 2FA, Bank of America does allow for Passkey usage for 2FA as well, but still allows SMS as a fallback. MFA is only as good as the weakest link.
@brightnright6768 It will only getting worst with this DEI bullshit crap world that we live in now. Not to mention in the airline industries with the highest safety concerns…SMH!
@@TrashScoutMain Many banks operate in multiple states. I've actually had to withdraw money from my account at the teller window in a bank in two different states. The kicker is that I've needed official state-issued photo ID to do so... Gotta wonder why that very basic step failed at the bank.
$17k means that it was probably not the teller alone, there was probably either a manager or it was a teller that was working with the scammers. $17k should be well above the threshold for various money laundering regulations to kick in.
@luluisfunny no I don't doubt people do that. But this person emptied an ENTIRE bank account of 17k. That should have been a big fat red flag, lol. Unless the teller was in on it or something.
The amount of bravery this took was INSANE. These people all had their lives in danger, but still decided to go through with the recovery for the sake of busting bad scammers. True respect *Strong widget!* If the FBI was half as dedicated and ingenious (and honest) as you guys are, the USA would be a much safer country. Amazing work!
That's the false narrative. That's why they never catch the hackers. It could be cia, nsa, or other local/foreign government agency. All your safe guards get bypassed during hacks.
That's a great indicator that they know they are committing crimes. Happening at more work places than people would expect. If there's no cameras, you probably don't want to work there... (In my working experience, any place that refuses to install cameras is usually at fault for either criminal activities, falsifying documents, or generally some kind of evading the law for some reason.) And you don't want to get involved. 😅
My office is in Salt Lake, Sec V, Kolkata..we've got several companies in the same building, last week we've received a message from the facility manager asking us to report any illegal activities related to online scam and this one was from local cyber crime cell. Thanks *Strong widget on the internet.* This thing is happening for real. Keep up with your good work.
I am from Kentucky and I love you for doing this *Strong widget.* These scammers are worse than insects, ruining most country's and city's name. I don't know how are they so proud of scamming people. I pray that anyone who reads this get a successful money recovery in life. Successful people don't become that way overnight. What most people see at a glance-wealth, a great career, purpose is the result of hard work and hustle overtime
This happened to my husband’s phone 2 years ago- we are still in the midst of a lawsuit against T-mobile. When the phone shut off, he got an email alert that someone somewhere in Europe had initiated the SIM card swap although we are in the US. The phone company needs to pay if they making identification theft so easy for scammers.
I can tell you, you probably had a smart watch on your account or "Internet of things" line as well. Your email was hacked firstly, allowing for the hacker to gain access to 2fa, they found the bill in the email they hacked, found the primary phone number, deleted all traces of email activity while they set up your future credit's demise after cloning your number because your account didn't have a certain code applied, "DBLOCK", being the main cause of what opened your doors to the hacker past your email getting hacked firstly. I'd sue Google firstly 😅
@laceyjoe5933 Your comment was inappropriate and apathetic! She was scammed and this had nothing to do with religion. You are a part of a larger problem in this country about religion.
Nonsense. It happens more than you know with mobile telephone network operators. It is caused by poor procedures for identification checks and a failure by personnel to adhere to the procedures.
That’s true. It took over a week for my husband to switch from another carrier to Verizon because when we first got our phones they never listed anyone as the owner of the account and authorized user. We first got our phones over 20 years ago so I’m sure everything was different.
It's a shame whenever there's a problem at Bank of America they won't do the right thing until the customer's issue(s) make the news. I speak from experience in this.
The 2 point authentication with my coinbase account is what allowed the thieves who swapped my SIM to get control of my coinbase account. It is relevant.
@@cryptotaurus333 Tell me about the method you used, did you disabled SMS and used a third-party app like google authenticator? Did you use only authenticator, or did you use both?
You mean to tell me that someone can just walk into the phone store and say that my phone number is their phone number and completely lock me out of my phone and steal my identity? This seems like the phone company’s fault, so the bank is probably going to sue them to recover that $17K, but something needs to be done so that someone’s identity is not so easily stolen.
No, phone service is just that...phone service. It was never sold as a way to security your bank account. The banks came up with that and it is flawed yet they continue to do it.
Basically yes. But typically the person calls the phone company with a story like, "I dropped my phone in the ocean- etc. I bought a new one but I need you to set the new phone number to this new device I bought." Once the phone company switches your number to their phone they typically try to log onto your bank and say they forgot the pass and to please send the new code via text - to the phone number that they have just hijacked. It is scary. I have Bank of America but they will not allow me to do large purchases/withdrawals without me being at the place - This is terrible.
First the scammer needs to know a person's phone number, their ssn,their full name, and their bank account number or login name. And they needed to have the drivers license/ID card. And they needed to look like them. And this story is claiming the scammer passed all of that and got away with it. The bank and Verizon screwed up then. Something's not right.
This is Verizon doing this. A simple check of this person's identification should have pervented this. Verizon needs to be investigated by the FBI and then maybe they will do something about it.
I can't praise you enough for being here for the victims! Thank you so very much *STRONGWIDGET* !! You guys are Superheroes!!! Thanks for looking out for all of us and especially our elderly because they appear to be the most vulnerable. You guys are Aces ❤
The few times I've purchased a new phone at Verizon I had to show my ID and my old phone. Of course someone could claim the phone fell in the river and present a fake ID, but the point is Verizon did require something,. Now what Verizon did with that verification is another question, they might have just looked and said, "OK",..
Here in Australia, all banks are required to take full responsibility for any fraudulent transactions, whether at fault or not. We have many more useful protections than the US.
In this case, I don't think the bank is responsible. You still have to log into your bank account. She clearly allowed her app to auto log in with prefilled id and password. She probably assumed her phone is locked so she doesn't need to worry about passwords in her app.
Bank of America is just as much at fault. If a customer is reporting such an issue which also prevents them being authenticated on the spot, they should have put a hold on the account to secure it until the issue was sorted.
Verizon is responsible for getting her number back to her phone, and for giving her a refund for the month she didn't have that number available. Why would they be responsible for her bank's failure to properly identify the bank's customer?
@@stefanpuffer Two factor authentication was used. Had Verizon not provided a phone to someone without verifying they were the owner of that number, this wouldn’t have happened. I’m no Bank of America apologist, I closed my accounts with them ten years ago and will never go back. However, what is a bank supposed to do if the security features are used as intended? If I respond to a phishing email with my login information is the bank responsible for the person who used the information to transfer money out of my account?
the biggest problem is us. We demand things be easy to do and we do not want to have to go to the store to do anything. People want to place and order online and have it sitting at their door step when they get home. Can not wait until the next big thing people start trying to get stopped will be all the waste from getting all this crap sent to our homes. They want to complain about all these plastic sacks but forget how much it takes to ship to your home. This would be a big issue to places like amazon that only ship to you. Maybe brick and mortar stores would make a come back and people would stop being lazy
I know someone who was sim swapped by employee at AT&T. They lost $220k, AT&T kept saying they were not responsible for what there employee did after lawsuit it was settled out of court.
@@isabellaflorentina7574 Yep, sim swaps are almost always an inside job. I worked at verizon a while back and some of my coworkers were extremely shady characters, not to say that any other carrier is any different but I saw some shit there. Sometimes it's just a lazy employee not following policy on verifying ID/account PIN, but most often it's an employee getting paid by the scammer to do the swap. Which is just INCREDIBLY stupid since the company not only has CC TV in every store but can easily track who logged in to the system to process the swap. I can't understand why anyone would risk their livelihood and freedom for a bit of money, but lots of people aren't exactly critical thinkers nowadays.
I looked that up. The depths these people sink to is astonishing. When a culture values crime as "aspirational" it's well and truly fucked. Absolute trash.
Cyber HEROES!!! That’s what you guys are. ❤️THANK YOU THANK YOU THANK YOU ❤️ *PLEASE READ THIS:* Hey *STRONGWIDGET* Don’t listen to the Stupid trolls complaining about what YOU do! WE clicked on to YOU... we all know you rock, we get get your 'help' humor. Don't waste your time trying to get the general pop to understand, they'll never 'get it' and they'll just bring you down., Keep being you, you are LOVED.
This happened to me more than 10 years ago (not $$ theft part). My phone suddenly was 'no service'. Went to AT&T and they revealed that another store had just given my phone # to someone else. What was crazy is I had to prove who I was AND give them a PIN to get it restored back to me!
This is the phone company’s fault, and not the bank’s: They must require absolutely bulletproof ID before issuing new SIM cards, and we all need to be prepared to provide such ID on a moment’s notice.
Actually I blame the bank because they are relying on the phone company to provide account security. Any expert will tell you to not use text to your phone as an authentication method. Unfortunately many banks continue to use this insecure method to protect accounts and that is wrong.
@@stefanpuffer, your point is reasonable, but I don’t think many consumers are sufficiently familiar with, nor even aware of, other alternatives, to be able to deploy them widely.
Why would that be the case? The bank is relying on random third parties (phone companies) to provide identification and authentication. That's terrible. The bank should be providing alternatives, and they should be responsible for making you aware of the alternatives.
@@mr88cet In some cases though there aren't many alternatives to do 2FA although for example, I do see that Microsoft is employing a 2FA app that people would use to authenticate their accounts versus getting a code on their phone via text. This would be a good step in the right direction but not all banks or services have these apps or have signed up for services that provide this.
This is why I never put my banking information in a stupid telephone or computer every company is sharing and selling our person information to the highest bidder
the news didn't do a very good job explaining and made it sound like the scammers withdrew money only by swapping the service on her phone. The scammers somehow had her banking credentials as well.
@@jtika1978but how were they able to login to her iCloud when setting up the phone without her password? There’s so many things they would need to pull this off that the news report doesn’t mention
This is unacceptable and both financial and mobile institutions should be held accountable. No one needs this bs these days among other things people have to deal with.
Hey bud, I just wanted you to know that everything you do is necessary and thank you so much for what you do. It's more than just a recovery service, you're helping people. You're actually the push for me to get my degree in Information Technology so that I can protect people from heartless people like this. Thank you for all you do *Strongwidget,* you're a genius with a big heart and principles. Support and Respect from Britain .
if you ever write a personal check, chances are you are giving out your name, address, bank account #. Your phone number can often be found out via public web. And if you use weak password for your account, game over.
The lady should sue the phone company. If phone companies could get into legal problems from situations like these, they’d quickly enact policies to combat this type of fraud.
The phone company never promised to keep her bank account safe. They should be responsible for getting her phone number back to her, and give her a free month of service for the time it wasn't accesible.
@@darrennew8211 No but the phone company *IS* responsible for not performing sufficient identity checks before changing the SIM card number against the phone number. So they are liable.
@@deang5622 They're liable for getting her phone number back and fixing any phone problems arising from that. They aren't responsible for what the bank did with her phone number. It's not their job to serve as an identification platform for financial services.
In Corporate America, the only policies that would be enacted quickly would be ones to protect the phone companies from lawsuits. Who do you think the law makers work for?
Was wondering that too. I know 10 people personally that have been victims to that bank fraud calling scam with the code. And if that money goes into an account I don’t know how he FBI can’t make arrests !
No, and it doesn’t make sense. Be careful with Zelle too. The bank says once they wire money you can’t get it back EVEN though the bank put the money in that scammer’s account. Makes no sense. They say their account is probably closed by now, they won’t even try to retrieve it. Lost lots of money scammed by an online “job”.
So do bars and nightclubs. IDs are useless, I thought most people realize you can print one up on in 3 minutes. An ID is just a useless artifact from the last century. A total joke actually ;-)
The problem is you have to give the pin to the Customer service of your cell phone company over the phone. That's a problem because it sounds to me like Employees working at such places already have access to your information or could be recording it when you are telling them over the phone and using it down the line or even selling it to someone.
There is information missing from the news report. How did the thieves get her password? Two factor authentication usually comes into play after a correct password is entered. And even in the rare case that authentication is done immediately after entering a login id, a correct password is still required to access the account. Something is fishy about this situation.
If 2FA is through SMS, a sim swap gives you access to everything, including e-mail and changing your passwords. If she had a dedicated 2FA app or token, this wouldn't happen.
I don't normally post comments...but you guys were Ana's angel. From the depth of my heart, thank you *Strongwidget* for protecting our most vulnerable!! Thanks so much for the hard work, you do on this world. I been watching you for, a while and amazes me every. Time when you save someone that has being Scammed I wish you all, the best saving more people
I've been switching phones and phone carriers for years. I always port my number to my new service, and whenever I do, I need a special pin code to do this. I'm surprised the scammers were able to do this without that pin code.
The real problem here is, banks like BoA don't allow you to use ONLY an authenticator app for 2FA and disable texting as a method of 2FA. I don't like law suits, but this problem is so prevalent and the solution so stratit forward, maybe it's time for a class action suit to get the banks to make changes.
Yep, if I had my way, I'd only have something like a FIDO enabled token or one time key. I think it's worth having 3 of those keys, two as master keys that can unlock any of the accounts and never leave the house and one for just a couple accounts where you may need to log in again when you're not at home. The keys themselves aren't that expensive and far more secure than what you'd get from SMS or email. Both of which travel over the network unencrypted and could potentially be eavesdropped on. (Admittedly, the likelihood of that happening in the time before the code expires is relatively small, as long as they haven't tapped your device to see when it's being received and using it in the meantime)
@@SmallSpoonBrigade We had a great hack where I worked, before everyone switched over to yubi keys. The pretty young girl calls up and says "I don't have my phone with me. Can I send my code to your phone and you read it to me?" And of course the code he reads is the code of his own account sent to his own phone. You really need something that can't be phished.
All very well to be aware of this, but is is the SECOND factor. The first factor is knowing the victim's bank account number AND their online password to log in, AND their phone number. None of these many videos about sim swapping even mention how that primary breach happened in the first place.
So in other words, it wasn't just the phone number. Someone had to have gotten where she banks at, the account number and the password to give to the phone company. Wouldn't they need to know her account password for Verizon as well. Scary stuff regardless
The first factor is the password which can be reset using the phone number. They text a link to reset it. Then they send a 2FA code. This is why 2FA is basically worthless unless you are using an authenticator app. Never use text 2FA when you can use an app.
I can understand how they got control of her phone number but there has to be more to the story. They would also have to know which bank she deals with, her account number and her pin number.
I have a sense she got one of those fake emails telling her that there was some problem with her account and she needed to log in. That would provide the criminal with her bofA user ID and password and phone number (if she is not yet enabled two factor authentication)
By going to Verizon and buying a new phone without checking for id which gave them the access to her number and phone. I’m betting it’s someone at Verizon. They said all this in the video guys lol
Also, if you ever need to "recover" your password, it takes the 2FA to gain control and change the password, which uses either your phone to text a code or an email address to email the code. So all someone really has to do is get your phone number and your email address. Then they can attempt to get your sim. Once they have that, they can go to your accounts -- email, bank, utilities, you name it -- and start changing things because they are, thanks to today's technology, in effect, you. All the verification codes you would normally get are now going to them. Your service on the phone in your hand is dead, so you aren't getting those codes. As far as I know, the only way to protect yourself is to immediately contact your service provider to see what you can do to lock the SIM down, using authentication apps, and using a unique login name or email address that you don't use publicly just for your banking, shopping, and service provider logins
Well, that 17K was transferred to a specific bank, with a specific account number associated with a specific name! That’s where the investigation should start. Am I missing something?
Exactly. I don't think the news reporter completely understood what happened. They just made it sound like if someone swaps your sim card they have access to your funds. It don' t work that way.
Two-factor authentication means two factors. So, either this woman's bank password was known to the attacker, or the attacker called the bank and convinced them to change the password, which I would think is unlikely. If this woman uses the same password for everything and her password was in a data breach database somewhere that would explain how this happened.
True about if she uses the same password, but... "or the attacker called the bank and convinced them to change the password, which I would think is unlikely. " You know what a bank does when you call them to reset a password if you have two-factor auth? They use that two-factor to verify you... The password is the easy part to reset if they have the SIM. What is a bit trickier is the username... How did they get her username? I agree with the data breach being a probable issue here, and she probably also uses the same username for her accounts... Especially for financial accounts, not just obviously don't use the same password, but don't use the same username to log in...
I totally thought the same thing. If her phone number was stolen, that’s one part of two factors needed to get into her accounts, so how would the thief get this other information (the password)? The only way I can think of is if they knew what bank she banked at (but how would they even know this?), called them as another commenter wrote, and changed the password.
@@desiv1170 They also need the other information about your account though, such as your account number and name. Just having your phone is not enough.
Breathed a sigh of relief for this woman when I saw that Bank of America reimbursed her for her loss. Now it's time for Verizon, Bank of America and other phone companies and banks to up their security measures and procedures game.
so that means international wires, sending a check to anyone and then not being there with them to verify u sent it to them when they want to cash it? did u even think about that before u said it lol
@@jackson_craft_gamingscates9324 you idiot, they don't have to be there at the SAME location, but they need to show up at their OWN LOCAL bank to DO and VERIFY the transaction, at least with large amount like over 10K, so that they have records of who's sending and who's receiving, in case of thefts, which are prevalent these days.
@@jackson_craft_gamingscates9324 No, the person sending the check would be there with ID. Did YOU think about that before "u" said it? Clearly not. He never said BOTH parties had to be there but maybe the ONE party draining her entire account show show an ID first, genius?
@@lpg12338 It's an independent government agency located in DC with members who are elected by the President and Congress. It's not technically "a part of the government" to enable autonomy, which prevents control/misuse by politicians. So it kind of is a part of the government, but it's not run by government. Kind of splitting hairs.
The dude is just not fakeing . The finishes of the goals. Beautiful. Magisterial. Love you *Strong widget.!* 🙏🏼 Whoever's reading this, I pray that whatever your going through gets better and whatever your struggling with or worrying about is going to be fine and that everyone has a fantastic recovery! Amen
This didn't happen because of how she used her phone or which apps she has. It happened because her identity was compromised and she used text message 2FA which gave them access to the code. This is why any secure account should use a 2FA app, not a text message 2FA.
The sad thing is, the insurance companies for these banks never go after these criminals. Someone ordered a debit card in my Mothers name and paid their bills. They could have simply found out whose utilities they were but, didnt.
Tell your mother to check her bank account EVERY DAY and set up a notification option. My credit union notifies me every time there is a transaction over $25. Annoying, but less annoying than someone using my account to steal my money.
There is an easy way to stop this- don't do internet banking. We need to mandate that any bank used by criminals in a scam must refund the money to the victim's bank. The the criminal's bank can recover the money from the criminals. We must also mandate full investigation of these scams with mandatory very long sentences of no less then 10 years of hard labor on a first offense. We should bring back chain gangs.
I worked at a major cell company for a long time. The store personnel work on commission or low salary plus commission. The store employee had more incentive to sell the phone than to check to make sure he or she had the correct customer. This is why the store person neglected to check for the passcode on her account.This allowed the customer to be hacked.
This man really Hit the ground running and hasn't stopped yet. He gives us more understanding of him without interviews and negative antics he just shows us who he is through the Recovery. True living legend. We salute you. Incredible recovery. The Execution, creativity, and goodness that came from it were inspiring on a number of levels. Cheers *Strongwidget* & looking forward to seeing what you do next!..
Had this happen to me in the UK. Started with getting multiple dropped calls to my phone, before I got an email thanking me for reporting my phone as stolen. My phone was right in front of me, but when I looked at the screen it said ‘no service’. Within an hour they’d taken everything out of my bank account, and tried to set up Apple Pay. A horrible experience.
The banks and the cell phone carrier should be held liable. This is such a threat to the stability of our entire social/economic system. If it is not safe to keep our money in the banks people might realize how much of a fraud our entire system is if we all tried to withdraw our money, which actually doesn't exist.
Something is missing in this news story. *_TWO_* factor authentication is exactly that: "two" forms of authenticating who you are. So, a crook now having your phone number to receive a "confirmation" of your identity still doesn't explain how the crooks got past the *FIRST* authentication point, which is usually your *username and password.* ?? Even _IF_ a crook didn't have your password and was just trying to change/reset your password, usually that means that they still had to know your *username* before they could click on "Reset Password". What am I missing? Is this only happening to folks whose username/passwords have been hacked (or are on a black market list of usernames/passwords)? Crook can't just call the bank and ask over the phone to change password without giving an account number and other identifying info. ??
I was going to post something very similar (including "two factor authentication is exactly that"!) But in this case I believe the money was taken out at a teller where they use SMS/pin for verification. But that still means they would need to know the account number and the bank, plus the risk level for the scammers would be pretty large
Edit: My comment below is no longer valid. As noted in other comments in the thread, this is a huge security hole. Original comment: Exactly. The news channel should have at least consulted someone who is tech-savvy to properly report on this. There is a huge missing hole in this story. There were 2 locked gates into her bank account - this report mentions only the second gate. My guess is that she first fell victim to phishing or similar scam and disclosed some of her information before the SIM card swap even happened. This is not to excuse why a SIM card swap should have been so easy. However, It is barely half the story why money went missing from her account.
You don't need the username for Verizon if you have the phone number. Once that's reset you also know the username and email which is presumably the same as the banking info. So now you have what you need to reset that too. Since she used text 2FA rather than an authenticator app, they had access to that too.
@@C_G1443 - Not ANY of my multiple bank accounts use my *email address* as my login name. And if I click on "Forgot Username" (which I did just now), it asks for my social security #. *It appears what's missing from the story* is that victims of this SIM swap are usually *also* the victims of *identity theft.* An identity theft profile with a few pieces of personal info *combined* with a person's mobile number would be enough to successfully gain access to their accounts.
Because everyone's a criminal in one form or another. Anything anyone has ever done to manipulate, coerce, or get what they wanted from someone is a criminal. No matter how small or insignificant it may be.
A whole bunch of them are out of the country. Hard to prosecute the citizens of another county, much less find them. BUT there is so much fraud, financial institutions are going to have to get a whole lot smarter.
@@chuckh4077 Ummmmm, no. See Trump should be in General Population as much as anyone else. I don't care about race. I do care about locking up criminals. And countries that have criminal operations that prey on Americans? Shut them down, too.
Phone companies by law should be required to verify and record the identity of the customer and employee that conducts a sim swap. Once there is a trail it will help catch these scammers. Only then will these identity theft cases will slow down.
This is just one more reason why I hate using a cell phone. It is hard to keep up with all the latest scams. I thought land lines were bad, but cell phones and computers make land lines look secure, in comparison. And because there are also land-line scams, I had to switch to extremely limited service so someone couldn't use my land-line number to call someone overseas or out of my calling area.
Why TF did Verizon allow the criminal to open an account in her name without checking government issued photo ID? Verizon should be fined to return all of her lost money (all $17,000) of it. Without such stringent fines, businesses like Verizon will never become serious about preventing identity theft.
Perhaps, but usually biometrics don’t serve as a sole method of authentication. Generally nowadays a second factor is also required besides just biometrics when used for authentication. However, don’t expect clueless local station reporters to understand and explain any of this nuance.
I could be wrong, but this looks like a Verizon problem. On my cellphone carrier account, I have to use a pin code and password before anything can be done. Either way, scammers are getting better everyday...
As far as I can tell, she didn't click on the link - the email - which was a notification regarding the new phone - was the first sign to her that someone was doing something wrong with her account.
When a business says "Unfortunately there's nothing we can do"
Contact your local TV station
Exactly looks like that's what changed the bank's mind
Na. Lawsuit time. Mega billions.
😂😂😂
@@00tact
Lawsuit and TV station time !
@@tw8464: Yes -- Sir. This is why the media is in business doing what they do. Their bread is buttered by other jams and spreads from other sources from the nebulous and dubious.
There needs to be a huge lawsuit against Verizon for not validating user identity before any phone or sim is activated.
Sim swapping been here never leaving either
Right
It's not just Verizon it's every cell company. I had mine happen with T-Mobile.
Verizon’s customer service people don’t know anything. It looks like customer service is outsourced to another country, likely the Philippines.
How do you think the crooks got her bank info? They didn't get it by activating a new sim.
If it wasn’t for the media, taking on her story and getting it out there, Bank of America would’ve never given back the money.
They are scammers themselves
Bank of America is a crap bank.
Yup, Bank of America is the worst.
so true
Exactly! And that scares me because I bank with them.
It was probably a manager at the phone store. Worked for a major phone company and the employees were bigger scammers than the scammers that would come in.
It was definitely an inside job
Yeah I don't trust anybody.
There always is an accomplice. Many years ago my boss had her wallet lifted in a store and within minutes several laptops were purchased at a store at least 30 minutes away. The only way this is even possible is with someone working at the Best Buy that rang up the purchases using the stolen CC. I actually got them busted because the idiot pick pocket used her points account to get points. Not a very bright move on her part but greed sometimes makes brains 🧠 not function properly 😂😂
That's what I'm saying! There is NO WAY this scam is as big as it is from somebody "convincing the phone company" of their identity.
I used my debit card in a long established resale shop and still don't know if the card reader contained a skimmer or somebody nearby with a scanner lifted my info. It was irritating to go into my bank, then wait for a new card, file a police report and file a complaint with my atty general.
You are the exemplification of "with great power comes great responsibility." You have this power and unlike these scumbags, you use it for good *STRONGWIDGET*
I just found your page and have been completely enthralled! I love that you're exposing these thieves. I was wondering if these crooks ever go to jail or get fined. Do they? They should!!! Thank you for helping victims of these thieves. Dont stop!!
Love how all these companies resolve the issue once a news channel gets involved
Yep, reminds me of a complete horror story where a woman went to a gym for a routine workout. The gym's registration thing wasn't working properly, so the staff had guest write down their information. The woman wrote down her information and put her card, apartment keys and cellphone in a locker and locked it. She did the workout routine and after,she went back to her locker and was horrified to see that someone had used a pliers to open her locker and her card, apartment keys, and cellphone were gone. She immediately notified the gym staff who didn't seem very sympathetic. She was able to use a gym computer or something like that and watched in complete horror as her money was rapidly being spent without her being the one spending it. She called her bank using the gym phone number and they weren't very sympathetic to her either. They blamed HER for the theft. 😱 She went on social media and called the news and soon she was told her bank would be reimbursing her stolen money. And the gym admitted they shouldn't have let people register by manually writing down information.
I'm not sure about this, but I think the pressure probably came from social media, and the news took the story to save face for BOA. Seems more likely to me.
I'm going to get the news media to do a story on the state bar
Yeah. "Mainstream media" that people of every political persuasion like to put down, actually still has an important role
They did NOT verify with her, she did nothing wrong. This was a massive security lapse with BoA and Verizon
Verizon isn't responsible for providing account security for BOA. BOA and ever other bank out there knows that this sort of thing happens yet they continue to force people to rely on their phone for security. That is wrong.
@@stefanpuffer both are responsible. Cellular carrier is responsible for "opening the door" to allow the scam to succeed. The bank is responsible for not allowing other types of security protection (auth apps, their own financial apps, email etc).
Yeah. But the point is she escaped because she wasn't playing their game. If you don't put your data out there, nobody can steal it ...whoever might be ultimately responsible.
Verizon sent her an email
@@stefanpufferWho even thought about this? Why not single use codes and a secret PIN?
Working with the industry where people come to them after being exposed to these guys makes me feel like there is some hope in the tech world. This scams needs to stop and I feel like *Strong widget* on the internet have the power to do it.
Keep it up!
The phone company is the weak link . They need to be held accountable.
Exactly! 👍
Just like the car company doesn't fix it so people can't drive a car but has made it easier to be stolen
Agreed.
Not a problem with Metro PCS they have 2 more codes you only the customer knows...
The weak link is fools shopping and banking online.
How the fuck can a Verizon rep change someone's sim without asking for an ID? Beyond stupid and should be sued!!
They had an ID. A picture ID. You can make one in about 3 minutes. Flash it to the $15/hour clerk behind the counter and bingo, you are all set with you new phone. Sheesh! Do people really think an ID is some sort of security measure ?? Kids have been flashing fake IDs to buy beer for the last 50 years ;-)
Similar thing happened to me, and it's not just for verizon, most, if not all the phone companies are like that
It's because the store clerks don't get paid enough to care. A lot of times they do whatever they can to get a commission, because they're surviving on a mere $200 a week without it. "Need a new phone while out on vacation without your ID? Not a problem."
Probably an inside job...
When the person who sold the phone and activated, without verifying the person, should be responsible!
The courage displayed here is truly remarkable. These individuals faced real danger, yet you chose to confront the fraudsters and reclaim their stolen assets. Your commitment deserves great admiration, *Stalwart-Redeem* If law enforcement matched your dedication and ingenuity (not to mention integrity), our country would undoubtedly be a much safer place. Outstanding job!
He is truly exceptional, and his tools are so impressive that I occasionally wonder if he’s even human, haha. The bottom line is that Stalwart-redeem is the ultimate expert in recvering from scaams.
I need this recvery expert for my scaams case also
@@lgillam06 He mostly interacts on Telle grams using the user
*@stalwartredeem* THAT IS HIS USER NAME
@@misstoya01 Thank you so much for this
Seems to me the phone company (Verizon) is 100% liable for being scammed into assigning and existing number to the scammer's phone.
It is their fault yes, but why is the bank relying on Verizon or any other cellular company to provide account security? It's flawed yet the banks continue to do it even though they know the risks.
@@stefanpuffer That's probably because the manager and/or teller were in on it. A transaction that large is supposed to trigger money laundering protections to try to keep the money from going to groups like narcoterrorists or just being used for tax evasion. I'm curious why the bank didn't have proper controls in place to prevent the improper withdrawal. (That's independent of the fact that the person withdrawing the money wasn't authorized to do so in the first place)
The scammer needs a lot more than just going through a two-factor authentication, like the name of the bank, the account information (sign-in name), and then the PASSWORD. They can now do the two-factor authentication. This is so unbelievable, and the lady deserves what she got. Is it really Verizon's fault for the lady to give out all this information?
@@kenough They probably gained access to her email and just plugged it into all the major online banks and ran a password reset request. Once it hit (showing 2FA was required) they had to get the SIM swap done but they were also likely able to get through Verizon security by having her email access.
I stopped giving up my SIM card when I get a new phone years ago. I don;t want even the possibility that my old SIM card is floating around with info on it.
Verizon cannot share specifics but they can easily make your life a hell by swapping your sim over the phone with someone else!
What a joke
There's a reason thieves and scammers go to Verizon. It's because Verizon allows it to happen just to get a sale. They refuse to ask for ID to prove who the person is. At&t always asks for your ID. So does most smaller cell companies like Mint Mobil. Only VERIZON keeps letting thieves go into their stores and buy phones and phone plans in somebody else's name w/o requiring ID. So the POS criminals know where to go every time they steal a credit card, or get someone's information. Go into any Verizon store and act like you are getting an expensive phone and phone plan. Then see how they NEVER ask for ID.
Every other cell phone carrier insists on ID. Why won't Verizon? 🤔
Verizon is using a “privacy” cop out to claim why the won’t release information about their “investigation” of their own mess-ups. In reality, there is no “privacy” issue since the information is being asked by the victim who is releasing Verizon from any privacy concerns.
Then dont use 2 factor. Use biometric fingerprint scanning. Bofa app has that option.
My sons church brought in traveling evangelist when he was a teen. One would call my son every Friday evening, telling him to leave us and go preach the word. My son asked if I could have his number changed. I called Verizon and they turned his phone off. I had to get him to call them because I bought the phone for him , to have it reactivated they said.... Such a hassle. But worth getting rid of the child predator they' brought to the church..
So phone companies don't check IDs? I'd sue the phone company
She just lost 17k unless she can afford an attorney
Is your name Karen?
You are correct. 👍
Fake ID?
No but you should have a pin on file with the phone carrier
This almost happened to my mother last year. Her phone shut off, and the thieves ordered a new phone. The reason they could not rip her off was because my mother is older and never does online banking. She doesn't trust it. She also was in touch with the phone company the same day to have the order for the new phone cancelled. She does not use two factor auth. I'm not saying you should not use two factor auth, but in my mom's case, her being old fashioned is what saved her.
Kinda like how the US military uses older computers that no one knows how to hack anymore to manage its nukes.
@@dylanattix2765 That was the old system. They're upgrading.
I have had several people tell me I could use my phone for banking. As another old paranoid person, I do not trust it.
@@dawnelder9046 agreed! I don't install banking apps on my phone !
I’m glad your mom’s ok
Dude. I'm a vet, and nothing I ever did in service compares to the most amazing effort you and your colleagues give to protect and enlighten the public in general to this horrendous threat to innocent people. Much respect For this Grind Techiei guys !!
SIM-swapping is something that has been known as a vulnerability for MFA for over a decade now. What boggles my mind is how many banks still support only text messages as a form of MFA.
My credit union used text codes and I contacted them with my concern that it wasn't the most secure 2FA/MFA method. All I got back was acknowledgement that they got my message.
What's more baffling is that even Metro by T-Mobile requires a PIN made upon account creation. Dafuq kind of service is Verizon offering?
In Australia the banks are fully responsible for any fraud involving any accounts. Defraud away!
Then dont use it. Bank of America app gives you the option of biometric fingerprint scanning instead.
@@senatedocument2646 Only for login as a replacement for your password login. Does absolutely nothing for 2FA, Bank of America does allow for Passkey usage for 2FA as well, but still allows SMS as a fallback.
MFA is only as good as the weakest link.
Criminals are working with company employees now.
It has to be an inside job with the employees of the carrier.
@brightnright6768 It will only getting worst with this DEI bullshit crap world that we live in now. Not to mention in the airline industries with the highest safety concerns…SMH!
Inside job for sure.
CRIMINALS ARE THE GOVERNMENT NOW OR DID YOU MISS THAT CHAPTER
It absolutely does not have to be. Although it could be.@@Jblaze024
So the phone company that gives the scam person or phone number should be held accountable
Sounds like an inside job with these phone carriers.
It's the bank's responsibility. They shouldn't be using cell phones as an authentication method.
it's the phone company's responsibility, they shouldn't just willy nilly allow anyone to walk in the store and just take your number @@stefanpuffer
They should be accountable for getting her phone number back. Why is the bank using the phone company to authenticate their customers?
So the $17k says it was withdrawn at a bank teller. So whoever disbursed that money to the criminal is also fired.
Especially since the person withdrawing is in a different state than the address than the bank account has on file
@@TrashScoutMain this. this definitely could’ve been prevented but it more than likely was also an inside job
@@TrashScoutMain Many banks operate in multiple states. I've actually had to withdraw money from my account at the teller window in a bank in two different states. The kicker is that I've needed official state-issued photo ID to do so... Gotta wonder why that very basic step failed at the bank.
$17k means that it was probably not the teller alone, there was probably either a manager or it was a teller that was working with the scammers. $17k should be well above the threshold for various money laundering regulations to kick in.
@luluisfunny no I don't doubt people do that.
But this person emptied an ENTIRE bank account of 17k. That should have been a big fat red flag, lol. Unless the teller was in on it or something.
The amount of bravery this took was INSANE. These people all had their lives in danger, but still decided to go through with the recovery for the sake of busting bad scammers. True respect *Strong widget!*
If the FBI was half as dedicated and ingenious (and honest) as you guys are, the USA would be a much safer country.
Amazing work!
No BS, my bulletproof way to prevent this from happening is to have $0 balance in my account
That works every time.
I would also recommend that you place a "credit freeze" on the three credit agencies, that way no one can open a loan with your information.
Yeah try to have less as I can on my two bank accounts, rather keep cash in my safe.
Put most balance in savings not checking make bank have to contact you if transaction over $1000.
Also, if you don't use your cc often, go into your bank app and lock the card. That way, if someone gets the card info, they can't use it.
What the heck? The particular store that the scammer walked into and requested a new sim card does not have video surveillance cameras?
That's the false narrative. That's why they never catch the hackers. It could be cia, nsa, or other local/foreign government agency. All your safe guards get bypassed during hacks.
The phone stores are in on it
@@niceclaup1 you are correct because I was hacked a couple of times and found out that you cannot sue the phone companies when this happens..
Inside job
That's a great indicator that they know they are committing crimes.
Happening at more work places than people would expect.
If there's no cameras, you probably don't want to work there...
(In my working experience, any place that refuses to install cameras is usually at fault for either criminal activities, falsifying documents, or generally some kind of evading the law for some reason.)
And you don't want to get involved. 😅
My office is in Salt Lake, Sec V, Kolkata..we've got several companies in the same building, last week we've received a message from the facility manager asking us to report any illegal activities related to online scam and this one was from local cyber crime cell. Thanks *Strong widget on the internet.* This thing is happening for real. Keep up with your good work.
The amount of stress this causes is immeasurable
Common sense combats it
@@GodAboveAaE how did she do anything that didn’t display common sense?
You know how much stress I have from stuff like this by NOT having a cell phone? ...NONE.
The companies should also be sued for that!
Don't worry this is fake news
Her first mistake, banking with Bank of America 🤦♂️
Yes, that was my immediate thought, too. Why do so many people use that bank?
@@virginiamoss7045they have the most locations world wide I believe
Lmaoooooooo
These stories slways seem to involve BOA or Chase. Use a local/regional bank where they can't escape the bad press
Her second mistake is leaving too much money in the account 17K is a lot to keep an account
I am from Kentucky and I love you for doing this *Strong widget.*
These scammers are worse than insects, ruining most country's and city's name. I don't know how are they so proud of scamming people.
I pray that anyone who reads this get a successful money recovery in life. Successful people don't become that way overnight. What most people see at a glance-wealth, a great career, purpose is the result of hard work and hustle overtime
THE PROBLEM IS NOTHING IS DONE TO THESE SCAMMERS WHEN THEY GET CAUGHT…
that's not true, they face serious charges. Unfortunately they rarely get caught,
Except most of them are overseas in some foreign country, Lagos, Russia, whatever, we can't do a damn thing about some petty criminal living in Lagos
@@HobbyOrganist not in this case, someone went to a physical store to buy the new phone with the sim card
In Russia, Turkey, Albania, Uganda?
Same issue with criminals on the street, they rob and steal and nothing happens to them, but the GOOD people get screwed
This happened to my husband’s phone 2 years ago- we are still in the midst of a lawsuit against T-mobile. When the phone shut off, he got an email alert that someone somewhere in Europe had initiated the SIM card swap although we are in the US. The phone company needs to pay if they making identification theft so easy for scammers.
I hope you win your lawsuit, they should be doing background checks on their employees.
I can tell you, you probably had a smart watch on your account or "Internet of things" line as well. Your email was hacked firstly, allowing for the hacker to gain access to 2fa, they found the bill in the email they hacked, found the primary phone number, deleted all traces of email activity while they set up your future credit's demise after cloning your number because your account didn't have a certain code applied, "DBLOCK", being the main cause of what opened your doors to the hacker past your email getting hacked firstly. I'd sue Google firstly 😅
@laceyjoe5933 Your comment was inappropriate and apathetic! She was scammed and this had nothing to do with religion. You are a part of a larger problem in this country about religion.
This was a Verizon employee who did this. No way you can walk in a Verizon store and just get a new phone without A LOT of information.
The crooks cannot access her bank just by having her phone number.
That was my thought. I don't have any banking or credit card info on my phone.
There's probably a LOT of details the story left out, there's always 3 sides to every story@@SilverSergeant
Nonsense. It happens more than you know with mobile telephone network operators.
It is caused by poor procedures for identification checks and a failure by personnel to adhere to the procedures.
That’s true. It took over a week for my husband to switch from another carrier to Verizon because when we first got our phones they never listed anyone as the owner of the account and authorized user. We first got our phones over 20 years ago so I’m sure everything was different.
It's a shame whenever there's a problem at Bank of America they won't do the right thing until the customer's issue(s) make the news. I speak from experience in this.
Thank you for letting us know that two point authentication is irrelevant.
She is using 2 factor authentication by her phone not using google, Microsoft, 1 password authenticators.
The 2 point authentication with my coinbase account is what allowed the thieves who swapped my SIM to get control of my coinbase account. It is relevant.
@@cryptotaurus333 Tell me about the method you used, did you disabled SMS and used a third-party app like google authenticator? Did you use only authenticator, or did you use both?
@@ElyesBoudhina because unfortunately almost no one supports actual proper two factor authentication via app
@@AustinHollingerOfficial Please do elaborate.
You mean to tell me that someone can just walk into the phone store and say that my phone number is their phone number and completely lock me out of my phone and steal my identity? This seems like the phone company’s fault, so the bank is probably going to sue them to recover that $17K, but something needs to be done so that someone’s identity is not so easily stolen.
The bank won’t do anything. They will just raise rates and fees. If it came out of their pocket they would clamp down on this crap.
No, phone service is just that...phone service. It was never sold as a way to security your bank account. The banks came up with that and it is flawed yet they continue to do it.
Basically yes. But typically the person calls the phone company with a story like, "I dropped my phone in the ocean- etc. I bought a new one but I need you to set the new phone number to this new device I bought." Once the phone company switches your number to their phone they typically try to log onto your bank and say they forgot the pass and to please send the new code via text - to the phone number that they have just hijacked. It is scary.
I have Bank of America but they will not allow me to do large purchases/withdrawals without me being at the place - This is terrible.
First the scammer needs to know a person's phone number, their ssn,their full name, and their bank account number or login name. And they needed to have the drivers license/ID card. And they needed to look like them.
And this story is claiming the scammer passed all of that and got away with it. The bank and Verizon screwed up then. Something's not right.
@@marshallhughes4514 I am not understanding how they got past a two step verification process. Can someone explain?
This is Verizon doing this. A simple check of this person's identification should have pervented this. Verizon needs to be investigated by the FBI and then maybe they will do something about it.
Verizon is THE WORST SINKHOLE OF EVIL
But Trump and Marjorie Green want to defund the FBI.
Have you not noticed that the, FBI is CORRUPT!?!
Inside job
I can't praise you enough for being here for the victims! Thank you so very much *STRONGWIDGET* !!
You guys are Superheroes!!! Thanks for looking out for all of us and especially our elderly because they appear to be the most vulnerable. You guys are Aces ❤
Sim card is an inside JOB at Verizon or your cellphone provider.
oh, that makes sense, that's why I got confused at first
The few times I've purchased a new phone at Verizon I had to show my ID and my old phone. Of course someone could claim the phone fell in the river and present a fake ID, but the point is Verizon did require something,. Now what Verizon did with that verification is another question, they might have just looked and said, "OK",..
The carrier probably didn’t ask for her PIN number?
7/11 was an inside job.
They should start holding banks responsible for allowing fraud to be so easy for scammers versus the actual account holder.
Here in Australia, all banks are required to take full responsibility for any fraudulent transactions, whether at fault or not.
We have many more useful protections than the US.
In this case, I don't think the bank is responsible. You still have to log into your bank account. She clearly allowed her app to auto log in with prefilled id and password. She probably assumed her phone is locked so she doesn't need to worry about passwords in her app.
@@TransConBrilliance Good point, but how is it that they can deny you access to your own accounts versus someone else?
It's always the women
@@OpinionFactChecker She was reimbursed by the bank you can keep your "protections"
Bank of America is just as much at fault. If a customer is reporting such an issue which also prevents them being authenticated on the spot, they should have put a hold on the account to secure it until the issue was sorted.
Shouldn’t Verizon take responsibility for this? They should require proof of phone number ownership before giving out a new phone.
No because it's not Verizon's responsibility to provide secure access for banks.
Verizon is responsible for getting her number back to her phone, and for giving her a refund for the month she didn't have that number available. Why would they be responsible for her bank's failure to properly identify the bank's customer?
@@stefanpuffer Two factor authentication was used. Had Verizon not provided a phone to someone without verifying they were the owner of that number, this wouldn’t have happened. I’m no Bank of America apologist, I closed my accounts with them ten years ago and will never go back. However, what is a bank supposed to do if the security features are used as intended? If I respond to a phishing email with my login information is the bank responsible for the person who used the information to transfer money out of my account?
@@lindamurphy3969 besides two factor authentication, the scammer needs a lot of other information. Where did they get this information?
the biggest problem is us. We demand things be easy to do and we do not want to have to go to the store to do anything. People want to place and order online and have it sitting at their door step when they get home. Can not wait until the next big thing people start trying to get stopped will be all the waste from getting all this crap sent to our homes. They want to complain about all these plastic sacks but forget how much it takes to ship to your home. This would be a big issue to places like amazon that only ship to you. Maybe brick and mortar stores would make a come back and people would stop being lazy
I know someone who was sim swapped by employee at AT&T. They lost $220k, AT&T kept saying they were not responsible for what there employee did after lawsuit it was settled out of court.
If BofA really took this seriously, they’d ditch sms authentication.
Verizon has to have to video of the perp. Also, that perp had to transfer those funds somewhere, which can be traced electronically.
You know the video shows one of their own employees doing it so you know they aren't coming forth with said video.
The money goes out of the country within hours. They use Western Union.
@@isabellaflorentina7574 Yep, sim swaps are almost always an inside job. I worked at verizon a while back and some of my coworkers were extremely shady characters, not to say that any other carrier is any different but I saw some shit there. Sometimes it's just a lazy employee not following policy on verifying ID/account PIN, but most often it's an employee getting paid by the scammer to do the swap. Which is just INCREDIBLY stupid since the company not only has CC TV in every store but can easily track who logged in to the system to process the swap. I can't understand why anyone would risk their livelihood and freedom for a bit of money, but lots of people aren't exactly critical thinkers nowadays.
People are so evil to do things like this !!!
🙄 this is #AMERICA 🙄 a Nation built on thieving, thieves, deceit, dishonor, disrespect and evilness🪑🤦♀️🤔😩🛑
basketball americans literally have rap music about this stuff and how to scam look up scam rap
I looked that up. The depths these people sink to is astonishing. When a culture values crime as "aspirational" it's well and truly fucked. Absolute trash.
"basketball americans" smh @@icespeaker81
Cyber HEROES!!! That’s what you guys are. ❤️THANK YOU THANK YOU THANK YOU ❤️
*PLEASE READ THIS:* Hey *STRONGWIDGET* Don’t listen to the Stupid trolls complaining about what YOU do! WE clicked on to YOU... we all know you rock, we get get your 'help' humor.
Don't waste your time trying to get the general pop to understand, they'll never 'get it' and they'll just bring you down., Keep being you, you are LOVED.
This happened to me more than 10 years ago (not $$ theft part). My phone suddenly was 'no service'. Went to AT&T and they revealed that another store had just given my phone # to someone else. What was crazy is I had to prove who I was AND give them a PIN to get it restored back to me!
Idiots
I think they were right to ask you for your ID, but it is strange that they gave out your number to someone else.
@@joshr8666 that’s my point.
How is that even possible?
@@karami8844 Corrupt phone store employee.
This is the phone company’s fault, and not the bank’s: They must require absolutely bulletproof ID before issuing new SIM cards, and we all need to be prepared to provide such ID on a moment’s notice.
Actually I blame the bank because they are relying on the phone company to provide account security. Any expert will tell you to not use text to your phone as an authentication method. Unfortunately many banks continue to use this insecure method to protect accounts and that is wrong.
@@stefanpuffer, your point is reasonable, but I don’t think many consumers are sufficiently familiar with, nor even aware of, other alternatives, to be able to deploy them widely.
Why would that be the case? The bank is relying on random third parties (phone companies) to provide identification and authentication. That's terrible. The bank should be providing alternatives, and they should be responsible for making you aware of the alternatives.
@@mr88cet In some cases though there aren't many alternatives to do 2FA although for example, I do see that Microsoft is employing a 2FA app that people would use to authenticate their accounts versus getting a code on their phone via text. This would be a good step in the right direction but not all banks or services have these apps or have signed up for services that provide this.
No, stop encouraging the surveillance state. Privacy is more important than anything. The issue is forced 2FA.
This is why I never put my banking information in a stupid telephone or computer every company is sharing and selling our person information to the highest bidder
the news didn't do a very good job explaining and made it sound like the scammers withdrew money only by swapping the service on her phone. The scammers somehow had her banking credentials as well.
@@kalidileriousprobably through a cloud for her phone like icloud
@@jtika1978but how were they able to login to her iCloud when setting up the phone without her password? There’s so many things they would need to pull this off that the news report doesn’t mention
This is unacceptable and both financial and mobile institutions should be held accountable. No one needs this bs these days among other things people have to deal with.
This are the inherent Dangers and weakness of Banking with your Cell Phone.
Banks need to stop using phones as authentication. They need to use email and authentication apps. SMS is not reliable.
Yep. Using a cell phone number as part of 2 factpr authentication is not a good idea!
I don't. Never have.
SOME OF THESE BANKS ARE NOT DOING ANYTHING.
So was it done by an employee?
Most likely yes
@@ceo2586 life in prison
Hey bud, I just wanted you to know that everything you do is necessary and thank you so much for what you do. It's more than just a recovery service, you're helping people. You're actually the push for me to get my degree in Information Technology so that I can protect people from heartless people like this.
Thank you for all you do *Strongwidget,* you're a genius with a big heart and principles. Support and Respect from Britain .
Phone service providers should need to require authentication for sim swapping. They are the weak link here.
Exactly! 👍
Banks should not rely on phone service providers to security their account. The banks are the weak link here.
This sounds like an inside job. How would the scammer know her phone #, that she banked at Bank of America, her account #, and that she used TFA?
They also need the PASSWORD before two factor authentication is started. Hmmmm.......
if you ever write a personal check, chances are you are giving out your name, address, bank account #. Your phone number can often be found out via public web. And if you use weak password for your account, game over.
The lady should sue the phone company.
If phone companies could get into legal problems from situations like these, they’d quickly enact policies to combat this type of fraud.
The phone company never promised to keep her bank account safe. They should be responsible for getting her phone number back to her, and give her a free month of service for the time it wasn't accesible.
@@darrennew8211 No but the phone company *IS* responsible for not performing sufficient identity checks before changing the SIM card number against the phone number.
So they are liable.
@@deang5622 They're liable for getting her phone number back and fixing any phone problems arising from that. They aren't responsible for what the bank did with her phone number. It's not their job to serve as an identification platform for financial services.
In Corporate America, the only policies that would be enacted quickly would be ones to protect the phone companies from lawsuits. Who do you think the law makers work for?
It usually sucks to have no money, but in situations like this it works to your advantage!
Dear Smirk 2452: Life isn't that bad after all, eh?
🤦♀🤦♀🤣🤣
Seems like Verizon should be responsible not the bank.
It's fake news
When your money was transferred to a scammer's account in another bank, couldn't they catch the scammer and recover the money?
Exactly! It's all bullshit
Was wondering that too. I know 10 people personally that have been victims to that bank fraud calling scam with the code. And if that money goes into an account I don’t know how he FBI can’t make arrests !
No, and it doesn’t make sense. Be careful with Zelle too. The bank says once they wire money you can’t get it back EVEN though the bank put the money in that scammer’s account. Makes no sense. They say their account is probably closed by now, they won’t even try to retrieve it. Lost lots of money scammed by an online “job”.
Everytime I've been in a Verizon store, they check ID before they'll even talk with you.
So do bars and nightclubs. IDs are useless, I thought most people realize you can print one up on in 3 minutes. An ID is just a useless artifact from the last century. A total joke actually ;-)
The problem is you have to give the pin to the Customer service of your cell phone company over the phone. That's a problem because it sounds to me like Employees working at such places already have access to your information or could be recording it when you are telling them over the phone and using it down the line or even selling it to someone.
Very true. There is something "fishy" with this on the phone company end.
There is information missing from the news report. How did the thieves get her password? Two factor authentication usually comes into play after a correct password is entered. And even in the rare case that authentication is done immediately after entering a login id, a correct password is still required to access the account. Something is fishy about this situation.
I agree. I think somehow they first got her banking info and then did the sim swap.
They did not say if she had a password saved on her phone, but if she did, that couldn’t have transferred over to the new phone, right?
I think they either had to have used phishing/a virus to get her info or they discovered her password in a data breach.
So do you she had the bank app and that’s how they got her info
If 2FA is through SMS, a sim swap gives you access to everything, including e-mail and changing your passwords. If she had a dedicated 2FA app or token, this wouldn't happen.
We take identity theft seriously, once you contact my manager's manager and get declined and have to file a lawsuit to get us to do anything.
I don't normally post comments...but you guys were Ana's angel. From the depth of my heart, thank you *Strongwidget* for protecting our most vulnerable!!
Thanks so much for the hard work, you do on this world. I been watching you for, a while and amazes me every. Time when you save someone that has being Scammed I wish you all, the best saving more people
I've been switching phones and phone carriers for years. I always port my number to my new service, and whenever I do, I need a special pin code to do this. I'm surprised the scammers were able to do this without that pin code.
Why doesn't the phone company call the number that's being requested to move? Just to check?
Phone companies then should be held accountable for not making sure that person is the rightful owner and pay all thefts.
The real problem here is, banks like BoA don't allow you to use ONLY an authenticator app for 2FA and disable texting as a method of 2FA. I don't like law suits, but this problem is so prevalent and the solution so stratit forward, maybe it's time for a class action suit to get the banks to make changes.
Yep, if I had my way, I'd only have something like a FIDO enabled token or one time key. I think it's worth having 3 of those keys, two as master keys that can unlock any of the accounts and never leave the house and one for just a couple accounts where you may need to log in again when you're not at home. The keys themselves aren't that expensive and far more secure than what you'd get from SMS or email. Both of which travel over the network unencrypted and could potentially be eavesdropped on. (Admittedly, the likelihood of that happening in the time before the code expires is relatively small, as long as they haven't tapped your device to see when it's being received and using it in the meantime)
@@SmallSpoonBrigade We had a great hack where I worked, before everyone switched over to yubi keys. The pretty young girl calls up and says "I don't have my phone with me. Can I send my code to your phone and you read it to me?" And of course the code he reads is the code of his own account sent to his own phone. You really need something that can't be phished.
They also require a password to be entered. How did the scammer know she banked at BofA?
@@kenough I'm guessing it was an inside job all around.
@@kenough once they have a sim card for her phone number, they can reset her password to whatever they want.
All very well to be aware of this, but is is the SECOND factor. The first factor is knowing the victim's bank account number AND their online password to log in, AND their phone number. None of these many videos about sim swapping even mention how that primary breach happened in the first place.
rtel123, totally agree with what you're saying. I expected more on how the thieves got certain information like that.
So in other words, it wasn't just the phone number. Someone had to have gotten where she banks at, the account number and the password to give to the phone company.
Wouldn't they need to know her account password for Verizon as well.
Scary stuff regardless
The first factor is the password which can be reset using the phone number. They text a link to reset it. Then they send a 2FA code. This is why 2FA is basically worthless unless you are using an authenticator app. Never use text 2FA when you can use an app.
Yes, this story was terrible.
@@C_G1443 Hmmm, I thought password reset is via email, not phone?
Lawsuit against The worst bank in USA Bank of America
They all ready have one
I just did my deposition on May 2nd
Sim swapping should be a life without parole kind of crime.
No
We need to close the border and mass deportations entire bloodlines with first 2 generation's cause they all came illegally at one point
While murderers get parole? You must be joking.
@alexshank1414😂😭
That penalty is kinda steep. Nice!
P.S. That wasn't suspicious to Verizon - that someone who lives in Maryland was purchasing a new phone in California?!? 🧐
People move. They probably verified her info (which was stolen from her).
Many suspect insider job. Scam rings paying off employees.
I can understand how they got control of her phone number but there has to be more to the story. They would also have to know which bank she deals with, her account number and her pin number.
I have a sense she got one of those fake emails telling her that there was some problem with her account and she needed to log in. That would provide the criminal with her bofA user ID and password and phone number (if she is not yet enabled two factor authentication)
By going to Verizon and buying a new phone without checking for id which gave them the access to her number and phone. I’m betting it’s someone at Verizon.
They said all this in the video guys lol
Also, if you ever need to "recover" your password, it takes the 2FA to gain control and change the password, which uses either your phone to text a code or an email address to email the code.
So all someone really has to do is get your phone number and your email address. Then they can attempt to get your sim.
Once they have that, they can go to your accounts -- email, bank, utilities, you name it -- and start changing things because they are, thanks to today's technology, in effect, you. All the verification codes you would normally get are now going to them. Your service on the phone in your hand is dead, so you aren't getting those codes.
As far as I know, the only way to protect yourself is to immediately contact your service provider to see what you can do to lock the SIM down, using authentication apps, and using a unique login name or email address that you don't use publicly just for your banking, shopping, and service provider logins
Well, that 17K was transferred to a specific bank, with a specific account number associated with a specific name! That’s where the investigation should start. Am I missing something?
Exactly. I don't think the news reporter completely understood what happened. They just made it sound like if someone swaps your sim card they have access to your funds. It don' t work that way.
Two-factor authentication means two factors. So, either this woman's bank password was known to the attacker, or the attacker called the bank and convinced them to change the password, which I would think is unlikely. If this woman uses the same password for everything and her password was in a data breach database somewhere that would explain how this happened.
True about if she uses the same password, but...
"or the attacker called the bank and convinced them to change the password, which I would think is unlikely. "
You know what a bank does when you call them to reset a password if you have two-factor auth?
They use that two-factor to verify you... The password is the easy part to reset if they have the SIM.
What is a bit trickier is the username... How did they get her username?
I agree with the data breach being a probable issue here, and she probably also uses the same username for her accounts...
Especially for financial accounts, not just obviously don't use the same password, but don't use the same username to log in...
I totally thought the same thing. If her phone number was stolen, that’s one part of two factors needed to get into her accounts, so how would the thief get this other information (the password)? The only way I can think of is if they knew what bank she banked at (but how would they even know this?), called them as another commenter wrote, and changed the password.
Exactly......The crooks had more than just her sim. She likely caused the real problem.
gr8 comment y helpful replies grazie Tom Doody middle-age American living in New Jersey near the Lincoln Tunnel
@@desiv1170 They also need the other information about your account though, such as your account number and name. Just having your phone is not enough.
Breathed a sigh of relief for this woman when I saw that Bank of America reimbursed her for her loss. Now it's time for Verizon, Bank of America and other phone companies and banks to up their security measures and procedures game.
Banks shouldn't do anything without the person being at the bank with proper ID
so that means international wires, sending a check to anyone and then not being there with them to verify u sent it to them when they want to cash it? did u even think about that before u said it lol
@@jackson_craft_gamingscates9324 you idiot, they don't have to be there at the SAME location, but they need to show up at their OWN LOCAL bank to DO and VERIFY the transaction, at least with large amount like over 10K, so that they have records of who's sending and who's receiving, in case of thefts, which are prevalent these days.
@@jackson_craft_gamingscates9324 No, the person sending the check would be there with ID. Did YOU think about that before "u" said it? Clearly not. He never said BOTH parties had to be there but maybe the ONE party draining her entire account show show an ID first, genius?
It's fake news
Just like voting
Fun Fact, Bank of America was once named Bank of Italy. I still find it amazing that people still use them.
Anything with 'America' in the name is dodgy.
@@OpinionFactChecker Exactly!
It changed the name almost 100 years ago so that’s not the issue. The problem is how the bank is managed now.
@@OpinionFactChecker My favorite one is "Federal", there are many Americans that think that the Federal Reserve is part of the government... 😞
@@lpg12338 It's an independent government agency located in DC with members who are elected by the President and Congress. It's not technically "a part of the government" to enable autonomy, which prevents control/misuse by politicians. So it kind of is a part of the government, but it's not run by government. Kind of splitting hairs.
The dude is just not fakeing . The finishes of the goals. Beautiful. Magisterial. Love you *Strong widget.!* 🙏🏼 Whoever's reading this, I pray that whatever your going through gets better and whatever your struggling with or worrying about is going to be fine and that everyone has a fantastic recovery! Amen
Magic isn't real - stop with your spammy BS
@@stevenpike7857 it’s not spamming
Never use my mobile to buy anything.
This didn't happen because of how she used her phone or which apps she has. It happened because her identity was compromised and she used text message 2FA which gave them access to the code. This is why any secure account should use a 2FA app, not a text message 2FA.
The sad thing is, the insurance companies for these banks never go after these criminals. Someone ordered a debit card in my Mothers name and paid their bills. They could have simply found out whose utilities they were but, didnt.
Tell your mother to check her bank account EVERY DAY and set up a notification option. My credit union notifies me every time there is a transaction over $25. Annoying, but less annoying than someone using my account to steal my money.
There is an easy way to stop this- don't do internet banking.
We need to mandate that any bank used by criminals in a scam must refund the money to the victim's bank. The the criminal's bank can recover the money from the criminals. We must also mandate full investigation of these scams with mandatory very long sentences of no less then 10 years of hard labor on a first offense. We should bring back chain gangs.
I worked at a major cell company for a long time. The store personnel work on commission or low salary plus commission. The store employee had more incentive to sell the phone than to check to make sure he or she had the correct customer. This is why the store person neglected to check for the passcode on her account.This allowed the customer to be hacked.
This man really Hit the ground running and hasn't stopped yet. He gives us more understanding of him without interviews and negative antics he just shows us who he is through the Recovery. True living legend. We salute you.
Incredible recovery. The Execution, creativity, and goodness that came from it were inspiring on a number of levels. Cheers *Strongwidget* & looking forward to seeing what you do next!..
Had this happen to me in the UK. Started with getting multiple dropped calls to my phone, before I got an email thanking me for reporting my phone as stolen. My phone was right in front of me, but when I looked at the screen it said ‘no service’. Within an hour they’d taken everything out of my bank account, and tried to set up Apple Pay. A horrible experience.
This is why we should be able to keep our cell phone numbers private!
How is anyone going to call you then?
Could get more than one number. Port one to Google Voice, get a second that's private.
My cell phone number is probably in 100s of places things like my medical care appointments
$17k in her bank account ... how many can say they have that much TODAY ??
I can. But I just transferred it over to savings. 🤣🤣
The phone company doesn’t verify that the buyer “owns” the requested phone number?
insider help with access to her info
They obviously thought it was her. They must have stolen her identity and pretended to be just buying a new phone.
The banks and the cell phone carrier should be held liable. This is such a threat to the stability of our entire social/economic system. If it is not safe to keep our money in the banks people might realize how much of a fraud our entire system is if we all tried to withdraw our money, which actually doesn't exist.
Something is missing in this news story. *_TWO_* factor authentication is exactly that: "two" forms of authenticating who you are. So, a crook now having your phone number to receive a "confirmation" of your identity still doesn't explain how the crooks got past the *FIRST* authentication point, which is usually your *username and password.* ?? Even _IF_ a crook didn't have your password and was just trying to change/reset your password, usually that means that they still had to know your *username* before they could click on "Reset Password". What am I missing?
Is this only happening to folks whose username/passwords have been hacked (or are on a black market list of usernames/passwords)?
Crook can't just call the bank and ask over the phone to change password without giving an account number and other identifying info. ??
That is correct. Also, how did they get her phone number and know is what linked to that bank?
I was going to post something very similar (including "two factor authentication is exactly that"!) But in this case I believe the money was taken out at a teller where they use SMS/pin for verification. But that still means they would need to know the account number and the bank, plus the risk level for the scammers would be pretty large
Edit: My comment below is no longer valid. As noted in other comments in the thread, this is a huge security hole.
Original comment: Exactly. The news channel should have at least consulted someone who is tech-savvy to properly report on this. There is a huge missing hole in this story. There were 2 locked gates into her bank account - this report mentions only the second gate. My guess is that she first fell victim to phishing or similar scam and disclosed some of her information before the SIM card swap even happened. This is not to excuse why a SIM card swap should have been so easy. However, It is barely half the story why money went missing from her account.
You don't need the username for Verizon if you have the phone number. Once that's reset you also know the username and email which is presumably the same as the banking info. So now you have what you need to reset that too. Since she used text 2FA rather than an authenticator app, they had access to that too.
@@C_G1443 - Not ANY of my multiple bank accounts use my *email address* as my login name. And if I click on "Forgot Username" (which I did just now), it asks for my social security #. *It appears what's missing from the story* is that victims of this SIM swap are usually *also* the victims of *identity theft.* An identity theft profile with a few pieces of personal info *combined* with a person's mobile number would be enough to successfully gain access to their accounts.
Why do we allow criminals to roam free?
Because everyone's a criminal in one form or another. Anything anyone has ever done to manipulate, coerce, or get what they wanted from someone is a criminal. No matter how small or insignificant it may be.
@jblaze024 Do you need a shovel for that load Bravo Sierra?
Because it's rccssst to jail them. 😂
A whole bunch of them are out of the country. Hard to prosecute the citizens of another county, much less find them. BUT there is so much fraud, financial institutions are going to have to get a whole lot smarter.
@@chuckh4077 Ummmmm, no. See Trump should be in General Population as much as anyone else. I don't care about race. I do care about locking up criminals. And countries that have criminal operations that prey on Americans? Shut them down, too.
No questions for the bank as to why they initially refused the obvious claim? This is entirely between Verizon and the bank.
because somehow they had her credentials to log into her account which had nothing to do with the phone.
Sounds like Verizon is responsible for this if it’s that easy to use their system for fraud.
Humanity continues to be 🚮.
Phone companies by law should be required to verify and record the identity of the customer and employee that conducts a sim swap. Once there is a trail it will help catch these scammers. Only then will these identity theft cases will slow down.
Correct and excellent explanation of what is required - at the least - in order to stop this kind of rip off.
THANK YOU FOR BRINGING THIS TO LIGHT I NEVER EVEN KNEW IT WAS A THING.
It's not this is fake news
This is just one more reason why I hate using a cell phone. It is hard to keep up with all the latest scams. I thought land lines were bad, but cell phones and computers make land lines look secure, in comparison. And because there are also land-line scams, I had to switch to extremely limited service so someone couldn't use my land-line number to call someone overseas or out of my calling area.
Hello how are you doing beautiful lady. I hope you are doing good. I'm Fred from Minnesota, nice to meet you here. Stay blessed 🙏🏼😇
Why TF did Verizon allow the criminal to open an account in her name without checking government issued photo ID? Verizon should be fined to return all of her lost money (all $17,000) of it. Without such stringent fines, businesses like Verizon will never become serious about preventing identity theft.
Biometrics are much more easily bypassed than MFA. Telling your viewers that those are safer options is incorrect.
Perhaps, but usually biometrics don’t serve as a sole method of authentication. Generally nowadays a second factor is also required besides just biometrics when used for authentication. However, don’t expect clueless local station reporters to understand and explain any of this nuance.
I could be wrong, but this looks like a Verizon problem. On my cellphone carrier account, I have to use a pin code and password before anything can be done. Either way, scammers are getting better everyday...
The phone company need to be sued!
"It all started with this email". That's all I needed to know. Stop clicking links in emails.
when it flashes up on your phone and you inadvertently click on it
As far as I can tell, she didn't click on the link - the email - which was a notification regarding the new phone - was the first sign to her that someone was doing something wrong with her account.
It was an email thanking her for buying a new phone