Articles Tagged with at&t

Chicago-based Stoltmann Law Offices represents victims of SIM-Swap fraud nationwide on a contingency fee basis. Typically, SIM-Swaps end-run is designed to pillage a victims’ financial accounts.  Although SIM Swaps put many types of accounts at risk, the vast majority of SIM Swap scams lead to the unauthorized access by a fraudster to the victim’s crypto-currency accounts held with companies like Coinbase and Voyager.

These scams have different varieties, but they boil down to the same theme.  Some how, but usually by social engineering or pretexting, an impersonator contacts your cellular telephone carrier, like T-Mobile, AT&T, or Verizon, and either 1) requests that the SIM card – The special identification key linked to your phone number that is unique to you and is what allows your phone to communicate with the cellular network – be transferred, ported, or “swapped” to a new device or phone; or 2) that it be ported over to a new carrier (like T-mobile to AT&T). In either scenario, the carrier then fails to properly identify the fraudster as an impersonator for myriad reasons, and transfers the SIM to a phone that is in the possession of a crook.  The crook, who already has built a file on the victim, goes to Coinbase, for example, and requests to change a password. When that information is confirmed by Coinbase, and because the real user has taken steps to protect their account, Coinbase fires off a message to the cell phone number on file, containing an authorization code, which the criminal now gets, not the real account owner. Armed with the authorization code, the crook changes the password, walks into the Coinbase or Voyager account right through the front door, typically converts whatever crypto-currency is in the account to either Bitcoin or Ethereum, and then transfers it out of the account to an anonymous wallet in the possession of the crook.  Your crypto is gone.  You will spend days emailing Coinbase or Voyager, desperate to speak to an actual human who you think can help you. But they will not. They will tell you they are sorry, but that there is nothing they can do about it. If this seems like a bad dream or some horror story reserved for a camp-fire, it is not. This is a real scam that happens countless times, every day, all over the country.

Just today, a story was posted by the Honolulu Star-Advertiser about the FBI warning of “growing SIM-Swapping threat.” The FBI stated that the FBI Internet Crime Complaint Center received 1,611 SIM Swap complaints in 2021, compared to a total of 320 from January 2018 through the end of 2020. This massive increase, according to the FBI, cost victims at least $68 million. Importantly, these are only those complaints reported to the FBI ICCC.  The real numbers are likely much higher than what is being reported by the FBI.  The FBI advised cellular carriers to do better: to educate their employees through training, set strict security protocols which require employees to verify customer credentials before changing a number to a new device, and to authenticate calls from third party retailers asking for customer information.

Stoltmann Law Offices, P.C. is a Chicago-based securities and investor-protection law firm offering representation to defrauded investors nationwide on a contingency fee basis. We have been prosecuting claims against cellular phone providers like T-Mobile, AT&T, and Verizon on behalf of victims of SIM-Swap attacks for the past few years now. We are also actively pursuing claims against Coinbase for its role in failing to secure their customer accounts in violation of the terms of their user agreement.

Recently, there has been a flood of SIM Swap attacks against T-Mobile customers. Although it is speculation, this summer, T-Mobile announced that its customer database had been compromised, leading to the unauthorized access to customer account information effecting over 40 million subscribers.  That attack, as time has gone by, has been revealed to have been far worse than originally reported.  T-Mobile updated its customers a few months ago, and suggested that the attack compromised critical security information about its customer accounts, including phone numbers, customer names and addresses, dates of birth, IMEIs and IMSIs.  T-Mobile said in a statement that it had no indication that hackers were able to access financial information such as credit card or debit card data.  By way of background, an IMSI is the unique “International Mobile Subscriber Identity” number which identifies every cellular network user. It is a unique 15-digit number assigned to every user and is part of your SIM profile. SIM is another acronym for “Subscriber Identity Module.” The IMSI identifies where you use your phone and which mobile network (i.e., T-Mobile) you access.  This is critical intelligence for anyone seeking to pull off a SIM Swap.

Although the hackers didn’t apparently gain access to sensitive financial data of customers, they did get a picnic basket of information that was surely sold to other hackers. If a hacker has your phone number, name/address, and IMSI, getting a SIM swap done is pretty simple unfortunately. These hackers identify people known to have crypto-currency accounts and then engineer hacks of their SIM so that they can gain access to a target’s Coinbase account and transfer the funds to another wallet on the blockchain and move on to the next victim. Because of the anonymous nature of crypto-currency transactions on the blockchain, the transactions are virtually untraceable and cannot be reversed.  This massive attack on T-Mobile, which compromised millions of customer accounts, is likely leading to a surge in SIM Swap-Crypto theft attacks. These massive data breaches by cellular providers are not  a new phenomenon and occur far too often. The good news for victims is, cellular providers like T-Mobile, AT&T, and Verizon can be held liable for a SIM Swap attack that leads to the loss of crypto currency or other financial accounts.

Stoltmann Law Offices has been representing victims of SIM Swap scams for the past few years. This sordid scam involves a crook gaining access to your cell-phone SIM card through remote access and then essentially taking control of your phone to serve their purposes.  They’re looking for money, plain and simple. One of the most common security features many people use for their email, bank, investment, and crypto-currency accounts is called “2-step” authentication. If you want to change your password for these accounts, typically, you have to check your email and click a link that will then allow you to change a password.  Another security feature involves a pin or code being texted to you before you can change your password to an email or bank account.  If your cell phone number or SIM is “ported” to another phone not in your control, then someone else gets the text with that code; someone else can change the password to your email, investment, bank, and other accounts.  Your cell phone holds the lock and key to so much personal access, it must be secure or the fallout can be a catastrophe for victims.

On Sunday, October 18, 2020, ABC 7 Chicago aired a story on this ever increasing scam. Stoltmann Law Offices attorney Joe Wojciechowski was featured in this story as an advocate for victims of this fraud.  Stoltmann Law Offices has successfully recovered money lost or stolen as a result of SIM-Swap frauds and continues to represent victims. When suing a cell phone carrier like AT&T or Sprint, the claims must follow the dispute resolution processes outlined in the wireless customer agreements between you and the company. Buried deep in that small print lies an arbitration clause that is binding and requires disputes to be filed in the AAA (American Arbitration Association) under the Consumer Rules.  The good news about the AAA Consumer Rules is the company (AT&T, Sprint, Etc.) have to pay the arbitrator’s fees, which can get pretty high.  The bad news is, you won’t have access to the kind of discovery you would get in court.

Stoltmann Law Offices has a combine 40 years of experience prosecuting investor and consumer related claims in arbitration forums around the world.  If you or someone you know is a victim of a Sim-Swap and had money stolen as a result, please contact Stoltmann Law Offices at 312-332-4200 for a no-obligation, free consultation.  We are a contingency fee law firm which means we do not get paid unless you do!

 

 

Stoltmann Law Offices, P.C is currently representing an AT&T customer whose cell phone was hacked by a crook who then gained access to this virtual wallet and stole cryptocurrency.  Unfortunately, what happened to our client is not an isolated incident. AT&T customers nationwide have been falling victim to a scam known as “SIM Swapping”. This hacking scam is not a sophisticated attack and AT&T has legal obligations to protect its customers’ personal and private information from unauthorized exposure.

SIM Swapping is a fraudulent scheme where a scammer impersonates an AT&T customer to gain access to the customer’s SIM Card and have it activated in a phone controlled by the scammer. Once the scammer has the customer’s SIM card activated in the phone in his possession, it can then be used to gain access to a frightful number of internet accounts, including email providers. Here’s how it works in the simplest terms: The imposter convinces AT&T that he is in fact the customer, and makes up a story why his phone number needs to be transferred to a new phone. In one case the imposter simply called AT&T Customer Service, told them he dropped his phone in a lake, and that he had a new phone that needed to be activated. Instead of determining whether the phone that was allegedly at the bottom of a lake was still active and in-use, the AT&T representative accepted the unverified representations of the imposter and activated the “new” phone in the hands of the scam artist. The customer’s actual phone was deactivated and by the time it was realized, the fraudster gained access to the customer’s email and then virtual wallet.

These hackers are obviously breaking the law. One such hacker, Joel Ortiz, was arrested and charged with over a dozen counts of wire fraud and other related charge in July 2018. It was alleged he hacked at least forty phone numbers and stole more than $5 million in cryptocurrency. On January 25, 2019, Ortiz accepted a plea deal and was sentenced to ten years in prison.

Did you buy structured products from a Barclays registered broker? If so, those losses may be recoverable through the Financial Industry Regulatory Authority (FINRA) arbitration process on a contingency fee basis. Recently, Barclays stopped selling highly engineered certificates of deposit (CDs) that resulted in customers earning zero interest. In 2012, FINRA investigated whether buyers of these types of products had a clear understanding of the risks associated with them. Structured products offer retail investors easy access to derivatives and tend to be risky, with their returns tied to a group of stocks or other assets, that could yield as much as 5 percent annually, much higher than the average 1.19 percent average for a five-year conventional CD. In June 2011, Barclays sold a CD based on stocks including AT&T Inc., Phizer Inc. and Alphabet Inc., Google’s parent company. Barclays gave more credit for the stock’s decline than for its gains. Two of the stocks in the basket, Apollo Education Group and Weight Watcher International, tanked, pushing the coupon to zero. If you suffered losses because of a recommendation or sale of these structured products through a Barclays broker, you may be able to recover your losses by calling us today. The call is free with no obligation. We will discuss your options of bringing legl recourse against Barclays.

CNBC
FOX Business
The Wall Street Journal
Bloomberg
CBS
FOX News Channel
USA Today
abc NEWS
DATELINE
npr
Contact Information