Stoltmann Law Offices, P.C is currently representing an AT&T customer whose cell phone was hacked by a crook who then gained access to this virtual wallet and stole cryptocurrency. Unfortunately, what happened to our client is not an isolated incident. AT&T customers nationwide have been falling victim to a scam known as “SIM Swapping”. This hacking scam is not a sophisticated attack and AT&T has legal obligations to protect its customers’ personal and private information from unauthorized exposure.
SIM Swapping is a fraudulent scheme where a scammer impersonates an AT&T customer to gain access to the customer’s SIM Card and have it activated in a phone controlled by the scammer. Once the scammer has the customer’s SIM card activated in the phone in his possession, it can then be used to gain access to a frightful number of internet accounts, including email providers. Here’s how it works in the simplest terms: The imposter convinces AT&T that he is in fact the customer, and makes up a story why his phone number needs to be transferred to a new phone. In one case the imposter simply called AT&T Customer Service, told them he dropped his phone in a lake, and that he had a new phone that needed to be activated. Instead of determining whether the phone that was allegedly at the bottom of a lake was still active and in-use, the AT&T representative accepted the unverified representations of the imposter and activated the “new” phone in the hands of the scam artist. The customer’s actual phone was deactivated and by the time it was realized, the fraudster gained access to the customer’s email and then virtual wallet.
These hackers are obviously breaking the law. One such hacker, Joel Ortiz, was arrested and charged with over a dozen counts of wire fraud and other related charge in July 2018. It was alleged he hacked at least forty phone numbers and stole more than $5 million in cryptocurrency. On January 25, 2019, Ortiz accepted a plea deal and was sentenced to ten years in prison.
Mobile phone carriers like AT&T Mobility are mandated by federal law to take reasonable steps to protect customers personal information. This requirement is codified in the Federal Communications Act, 47 U.S.C. Sections 206 and 222. AT&T is regulated by the Federal Communications Commission (FCC). On April 8, 2015, AT&T was fined $25 million for failing to protect customer information in connection with a sordid scheme where its call center employees were actually selling customer information to crooks. The attacks by scam artists on customer cell phones are only becoming more prevalent as our lives become inextricably linked to our hand-held devices. AT&T has statutory and common law obligations to ensure it is taking all reasonable steps to ensure it is not allowing the unauthorized access of critical customer data to predators seeking to profit off of that information.
As is becoming more prevalent in the corporate world, AT&T customers are bound to arbitrate any disputes they have with AT&T through the American Arbitration Association (AAA) arbitration. This clause is found in the terms of service contract between AT&T and its customers. The good news about this is the forum clause contained in the agreement calls for a version of the AAA Consumer Rules, which means other than a nominal filing fee, AT&T should pay the freight for the arbitrator forum fees.
If you are a victim of of a SIM-Swapping phone scam and lost cryptocurrency or other investments or money as a result, please contact Stoltmann Law Offices, P.C. at 312-332-4200 for a no-obligation consultation with an attorney.