‘I sent 6000 texts in 24 hours’: Clever man gets back at scammers who stole his wife's phone number and maxed out her credit card

Advertisement
  • 01
    Steal my wife's phone number? I'll drop you a text
  • 02
    Steal my wife's phone number? I'll drop you a text
  • 03
    Back in November my wife had her phone number stolen, the first we knew about it was when I called her from work and it went to the voicemail of a different network provider. Fairly shortly after, they started getting into her financial apps and changing log-ins and passwords and trying to access credit cards. We locked everything down but they managed to max out a credit card, it was a tramatic time for my wife, and I was 'quite angry' about it
  • 04
    I toyed with the idea of getting a burner phone and making threening calls, but I was warned off from doing this, but I needed to do something Cue petty revenge; I stumbled across a mention of an SMS t mbing website on a sub on Reddit and I decided to have look. Oh. My. Word. This was perfect. And knowing that they would be using the phone to receive OTP texts, it seemed the best way to disrupt them
  • 05
    I could send up to 200 texts at a time at a rate of either slow, medium or fast, so I sent 200 at the fast rate, then 200 more. Then I left it for about an hour and then sent 200 at the slow rate and then 200 more. Looking into the website more I found that I could also schedule texts to be sent, only 25 at a time though, so I scheduled 25 to be sent every hour through the night. The next day I carried on with my onslaught of 200 at a time.
  • 06
    If my calculations are correct I sent in excess of 6000 texts in a 24 hour period, when I'd finished I withheld my number and dialled my wife's number. It was dead, it no longer existed. Mission accomplished!
  • 07
    Ambitious-Effect6429 19 hr. ago How did I not know this exists?! 743 . Reply Share Basic-Dance2487 15 hr. ago edited 15 hr. ago There used to be a sms b mb app for android, I used it quite frequently when off, apple has one but of course it's a subscription, it's under text repeater ↑ 184 ↓ Reply Share
  • 08
    00 RiflemanLax 18 hr. ago I'm a fraud investigator. Phone number porting fraud is really png me off right now. On the surface, when we get fraud claims, they look like bogus claims- OTPs sent and verified (yes, I know it's not the greatest system), or cards activated from the 'good' phone number, verification calls to/from that number, etc. So a lot of front line people are just denying claims because of that and I get chewed out by someone.
  • 09
    And even as a bank, I can't call Verizon or whoever and be like 'hey, can yall send me something that proves this phone number was ported fraudulently?' because the people that will answer the phone are stupid and won't get me to the people I really need to speak to... ↑ 502 Reply Share
  • 10
    semiphonic OP · 18 hr. ago We suspect that it was someone at the network provider that at least helped it happen, according to them 'someone' phoned in to get the PAC got my wife's DOB wrong 3 times but got it right on the 4th attempt I used a credit card to pay for a new phone and a week later had my credit card company on the phone telling me someone was trying to change the log-in etc, I'd only used it with the network provider
  • 11
    No one here (UK) is interested, police, credit card company etc, it's infuriating Reply Share 00 392 RiflemanLax 18 hr. ago Never attribute to malice that which is adequately explained by stupidity. -Hanlon's Razor
  • 12
    Been in the fraud game a LONG time. What more likely happened is either someone called four times and the fourth person paid zero attention to the notes OR you had a rep who has a problem saying no to customers for multiple reasons- weak will, fear of getting a bad grade on a call, etc. I did internal fraud for a while and it's actually pretty rare. Usually because it's just not worth it, but also because of monitoring, and people just generally have morals or don't want to go to prison, lose th
  • 13
    Def happens though. 193 Reply Share semiphonic OP. 18 hr. ago That's a really good point, I hadn't thought of either of those possibilities tbh 72 Reply Share
  • 14
    GoldER712 18 hr. ago This is the weakness of 2-factor authentication using your phone number. Everybody should use an authenticator app (like Google Authenticator) when possible. Everybody should use a password manager that generates completely random passwords and never ever use the same password for multiple sites. ↑ 81 + Reply Share
  • 15
    Infuryous 17 hr. ago This should be higher. 2FA via text message is pure dumb . It ps me off that in my experience most major financial institutions refused to do anything othere than text message for 2fa. 30 Reply Share
  • 16
    Sudden Presentation0 19 hr. ago Ok but how is it possible to steal a phone number? 23 Reply Share Spkr_Freekr 18 hr. ago You convince the carrier that you are the owner or otherwise have this person's credentials so you can move it onto another phone. Then use the phone to infiltrate financial accounts.
  • 17
    No_Captain1990 - 17 hr. ago This happened to my wife's phone a few years ago but was able to cancel everything straight away We received a text from Verizon asking to confirm transfer of service which we ignored think it was spa but hence got an email confirmation which prompted us to realize we had a problem Luckily we were able to close the door on all apps associated with the account immediately 9 Reply Share
  • 18
    Newtronic 17 hr. ago The problem with saying that you should use an Authenticator like Google or Authy is that so many of the traditional and really important services don't offer this. Like brokerages, banks, credit cards. My advice is to set up a Google Voice telephone number and use that phone number as your SMS authentication. First, it can have and should have real 2 factor authentication. Second, there's no one at Google to call to try to sweet talk them into giving a bad guy ownership of
  • 19
    This works and I've done this for my key financial institutions. There was one particularly stupid institution that detected it was a VOIP number and only allowed "real" numbers, probably because the mons thought it would be more secure to have real numbers. 7 Reply Share
  • 20
    Square-Swan2800 - 16 hr. ago On top of cc fraud, in my little town all the locally owned businesses, including dentists, are asking us to use money. REAL MONEY...something we were once told was going to be useless. I use my cc with Amaz*** and App** and that is all. Everyone else gets cash. My grandfather said if you don't have the money in your pocket to pay for it you don't need it. That pretty much seems to hold true. 8 Reply Share

Tags

Scroll Down For The Next Article