At the time, she worked at the FTC and wrote about her experience.Īn ID thief walked into a wireless store, claimed to be Cranor, said she had lost her phone and needed service changed to a new device. Cranor was the victim of the port-out scam two years ago. Lorrie Cranor, a cybersecurity expert at Carnegie Mellon, believes better authentication procedures are needed before cellphone service can be switched.
Once they had the new password, they logged in and transferred out all the money. The phone bandits opened a new mobile account with another company and then contacted T-Mobile to have the service switched.Īrmed with just his Wells Fargo user name - they didn’t have his password - the hackers requested a password change and just waited for the one-time authentication code to be texted to his phone number, which they now controlled. “And I couldn’t log in to my T-Mobile or my Wells Fargo accounts because my passwords had been changed.”īased on what he learned from the bank and the phone company, Kloeppner told NBC News what most likely happened. “I tried to call the bank from my cellphone and it said, ‘No service,’ so I'm kind of freaking out,” he said.
Late one night, Kloeppner, who lives in Shoreview, Minn., saw an email on his smartphone that said he had just transferred $1,799 to another account - something he hadn’t done. That’s how cybercrooks stole all the money in Jesse Kloeppner’s Wells Fargo bank accounts earlier this year.
0 kommentar(er)
