Scammers emptying PayPal & Bank Accounts of MetroPCS customers!

The wall of sheep posted about how MetroPCS users are having their default password used by adversaries via a sim swap attack. The original post can be found one the wall of sheep website via HERE.

Warning for MetroPCS users! Identity thieves are targeting MetroPCS users by exploiting a poor security policy which is by default to use the users birth date as their 8 digit pin. With the string of recent data breaches, it is trivial for birthdays to be found on the internet making this a very weak authentication method.  The user is not required to change this & in some cases is not even aware that this is their password. The Thief then uses this information to perform a sim swap attack taking over the users phone service by having all communication sent to a sim card they control.

At this point the thief is able to use multiple financial institutions  (Paypal, Banks, Etc.) insecure password recovery mechanism to have a password rest link sent to the sim they now control. For Example, once Inside the users Paypal account they immediately change all account details, & transfer the entire account balance to a credit card they control.

MetroPCS users can defend themselves from this type of attack immediately by changing their 8 digit pin, or by contacting MetroPCS and having their account placed into high security mode. Doing the later will remove the 8 digit pin from the account, and in order to perform a sim swap the user will need to call in and provide a voice password. The caveat to enabling high security mode though, is that the user will no longer be able to use account as it only supports 8 digit pin passwords as a login credential.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.