Hi Guys, Like a lot of folks here I've been into cryptos for a while and was happy with them heading up so I decided to sell half of them to lock in profits. I put them onto a well known crypto website and was waiting a few days for the right time to sell. I've now lost all of what I put online. Here's the story. On Monday morning I woke up to see that my mobile phone had no reception (I'll explain why this is important in a minute). Later that day my email inbox got flooded with 1,900+ spam emails and in the middle of that I got an email from the site I buy cryptos from saying that my "deposit had been successful". I also got an email from my bank (one of the big 4) at around the same time saying that there was "suspicious activity on my account" and to get in touch with them ASAP. What happened is that hackers had somehow stolen my ID and used it to port my mobile number onto one of their phones by pretending to be me and creating a new account with another phone company. They then hacked into my account in the crypto website and transferred all my currency into another account. They then got into my bank account and started transferring money from that account into my crypto website account and were buying Bitcoin and transferring it out to their address by the time the bank put a stop on it. Because they had access to my mobile connection, the confirmation SMS's the bank and the crypto website was sending them to authenticate the transactions were actually going straight to them. As it stands, my bank is saying they'll look after me for the money that was taken out of my bank account, but that nothing can be done for the lost cryptos. They're gone, never to be seen again. Talking with the police, they are saying that this is the new way of getting around 2FA or mobile confirmation SMS's ... to actually port a phone number across to a different provider and then take over the account. So here's the lesson for you guys: 1) If you notice your mobile connection not working, GET SUSPISCIOUS! Check your bank accounts ASAP 2) Don't store your cryptos online in any website, keep them offline even if you're waiting a few days for the right time to sell. I share this story because I don't want you guys getting burnt the way I have (I'm not seeking sympathy). Thanks everyone, Sammy
Damn, I'm really sorry to hear about that Sammy There's seem to be a bit of information missing which is making this hard to try and put together What sites were you using that required mobile SMS? Personally, I would never link my phone to anything to do with crypto And how did the hackers initially get your ID in the first place? Was it through your mobile? PC? Do you even know? Sounds like it could have been through the site you used to sell your coins, which is why it would be good to know what site that was
Hi Sammy, thanks for the warning, much appreciated. I took some some advice a couple of weeks ago and bought a Ledger Nano S and moved my crypto onto that, works well so I got that covered. Whenever I've tried porting for myself I got asked a barrage of questions before they do it. So do you have any ideas on how they got those answers to the questions? You can't just port willy nilly. Did the police say how they might have done that. The breakdown seems to be the unauthorised porting, how the heck did they get all the info to do that? Thanks for the warning anyway, cheers.
your mobile phone number is now you, try not to link it anywhere at all if your face book has it, your ebay has it your bank has it sorry your face on I-phone is not going to save you you may have the wallets, but the pick pockets are well beyond your imagination
3) Don't use your mobile for anything to do with crypto or banking, they are not secure platforms. Sorry to hear you lost your coins
Sorry to hear this. I would also really like to know how they ported your number to another provider? They normally ask a million questions these days to setup a mobile plan. Did you give photo ID to an exchange or something? I know a lot of people do this, but it always spooked me, so i never did. I think we are going to see a lot more of these hacks going into the future. Too many people have provided a lot of info to unsecure crypto exchanges.
Damn so sorry to hear that mate. I just recently ported my number to another provider, it was actually quite easy, however you do need to provide an ID number in order to do so, but that is it. You input the correct passport number/drivers license number, DOB, name you are set. So if someone got a hold of that, yes they could have ported your number. I however got a message almost immediately from the previous provider advising that the number was going to be ported and that it could take anywhere between 3hrs and 3 days and to contact them ASAP if I had not requested this. I thought it was a little bit too easy, although one needs a piece of ID to do so. What I really don't get is this: How could they have done that? I mean your netbank has its own password to log in. Sure they can access the SMS confirmations once they have ported your number, but how on earth could they have also hacked your bank password?!
Maybe they installed a keylogger onto your PC. Might be best to do a clean format. Also do a factory reset on your mobile phone, otherwise they will just keep getting your new passwords and info. As John Mcafee has been warning, there is going to come a day when a massive amount of people are going to get hacked in a 24hr window. Everyone needs to keep their devices secure and up to date.
OP, sincerely, thanks for the warning. My barber warned me that there is going to come a day that when a massive amount of people are going to need a haircut in a 24hr window.
Dude! lol I'm with you My wife spent $245 at the hairdresser Im like what the F....! Where was the haircut..Sweeden lol
Thanks for your story Sammy. Have you figured out where the phishing got you? One one of my email accounts gets lots of email "offers" from COLES, WOOLWORTHS, DAN MURPHY, and BUNNINGS. Seems the crooks are now trying to become more local. Have you reported this to AFP? Really sorry to hear about this mate. Best wishes. Sulla
Thanks for the support guys, It means a lot! Yes I did, but I've spoken to them and they have told me that the ID database has not been compromised They're are bending over backwards to help, so I'm holding them in high regard. I don't get this either. My bank has a cyber security team investigating so I'll keep you posted on what they tell me. I've got Norton on my computers, so I don't think its a virus/trojan on my side. I reported it to the police the day it happened, but to be honest they are useless. The officer told me that she'll write out the report but it's on unlikely that they'll investigate because there's a department called ACORN which specialised in cyber crime. I lodged a complain with ACORN, but their website says that they don't have investigative powers. So I don't think anything is going to happen through them. The police also said that the responsibility to investigate the matter is on the bank.
Hi Soporano, I don't want to post the name of the website just now because I don't want to slander someone until I have all of the facts. They have been VERY helpful though, and I've even recieved a call from the owner of the company, been given his email address and he's investigating the matter personally for me. If it turns out that their systems weren't compromised in this hack, then I'll give you guys this company name with my vote of confidence for the way that they are handling this problem ... but I want to make sure I've got my facts straight first because there are a lot of questions I haven't had answered from my bank and phone company.
Sorry to hear about this Sammy. The only thing I have to say about it is to be very wary about using a Mobile Phone to either link to a bank account or to your Crypto wallets. Mobiles are a very vulnerable point in your security compared to a private laptop. I never link anything to do with banking with my mobile number except for it being a contact number for my bank. I don't even enable paywave on any of my cards. Disable Bluetooth unless using it and use a separate email account for 2FA of your Crypto Wallets. Oh and always try to never leave any substantial amount of Crypto on any exchange.
I am curious about whether this is possible as it sometimes happen the bank will send an SMS for a transfer confirmation? I cannot remember in which cases though. Do you also exclude using the bank app on your phone? I suppose the app is a lot more secure since it can't be accessed by porting the number.
sorry to hear about this sammy. good reminder at this time to be vigilant with security. do not store crypto on exchange and have mobile validation, authentication applications like google are better and should also be backed up.
