Fairly severe hack, how do I proceed? (Crypto involved)

12-04-2017 , 02:00 PM
Last night, I tried logging into my gmail account and was asked to re-verify my identity. Gmail asked me to input a code that they sent to a number that was not mine (i.e. last two digits) and to enter a two factor authentication code that I don't have. I was weirded out by that but not totally clued in. When gmail asked me to input my phone number to send a recovery text to, I put in my actual phone number and waited ... for a text that never came.

In fact, when I looked at my phone, I noticed that I had no service. Then, I noticed that I had received a text message about 15 minutes earlier to my phone by my provider (TMobile) that my SIM had been updated (an action which I did not perform).

I contacted TMobile who informed me that a retail location had recently moved my number to a new SIM Card. I told them that I had not authorized any such action and they switched it back. However, after recovering my phone number, I still could not enter my gmail account. I finally realized that I had been the target of a malicious hack (took me too long to figure that out).

I started calling and trying to lock down various accounts. In the process, I realized I was locked out of my Poloniex account.

Here are the actions that I have taken:
* Recovered my phone number
* Called TMobile and yelled at them, opened a fraud investigation
* Filed a case here: ic3.gov
* Notified my bank to be on the lookout for any unusual activity
* Moved my crypto to a new account (on the blockchain)
* Filed multiple support tickets with Poloniex
* Attempted to recover my gmail to no avail

At this point, I am concerned that:
1. My SSN may be compromised
2. I will never access my gmail account again (I have tons of photos and documents on there as well as my email history)
3. The hacker will drain my Poloniex account (I had 2FA enabled...)
in that order...

Possible actions:
* Sign up for some kind of identity monitoring?
* Contact Google somehow?
* Sue TMobile?
* Do other stuff?

Just looking for advice regarding my situation. Thanks in advance.
12-05-2017 , 09:50 AM
What kind of 2FA do you have enabled on Polo? If it's Google Authenticator, you should be safe. If it's SMS, you're ****ed.
12-05-2017 , 10:21 AM
Seems you did all you could OP, hope it works out for you.

Everyone should go to https://haveibeenpwned.com/ and look up your emails. I just learned about this recently and several of my addresses came up positive in search.
12-05-2017 , 03:30 PM
Quote:
Originally Posted by Zenzor
What kind of 2FA do you have enabled on Polo? If it's Google Authenticator, you should be safe. If it's SMS, you're ****ed.
I have Google Authenticator.
12-05-2017 , 03:33 PM
Update:

I wrote the scammer an email from a new gmail address to my old one offering $500 for the return of the address (Payable in two installments of XLM before and after the account recovery).

He/She responded with a demand of 5k btc (LOL).

I have notified google regarding an extortion scam (they have a special contact address for that).

Should I respond to the scammer? My wife seems to think that I should stop responding (without the direct help of the FBI) because he/she might be dangerous.
12-05-2017 , 06:28 PM
Doubt you need to pay the scammer anything. Google will let you recover your address assuming you can prove it's you afaik.
12-05-2017 , 06:57 PM
It's kind of a blessing if you don't like your life right now. You can dedicate your life to revenge in trying to find this guy. It'll keep you busy, and imagine how intensely satisfying it would be to actually track him down in Moscow or wherever and then stare into his eyes as you strangle him to death.
12-05-2017 , 07:02 PM
somigosaden,
You're definitely going on my "do not try to scam" list.
12-05-2017 , 07:09 PM
Quote:
Originally Posted by ToothSayer
somigosaden,
You're definitely going on my "do not try to scam" list.
lol...thread delivered
12-05-2017 , 08:44 PM
looks like you got sim swap hacked, sorry to hear and this is terribly common in the crypto industry

e.g.

https://blog.coinbase.com/on-phone-n...y-423db8577e58
https://techcrunch.com/2017/08/23/i-was-hacked/


do you advertise that you own a lot of crypto on social media? This guy literally tweeted once about coinbase and bitcoin and immediately got simswapped


https://medium.com/@CodyBrown/how-to...m-ba75fb8d0bac



best defense is to 2fa everything & do not link your phone # to your gmail.
and make sure your carrier has a note in your account that any sim swap must be in person and with photo id (sadly, this doesn't really do anything, as most reps will just initiate sim swap)
do not advertise your phone # anywhere
do not advertise which email account you have that you use for crypto accounts
don't keep any crypto you're willing to lose long term on any exchange


etc.



if you pay a ransom you are literally dumber than dirt. it's gone, write it off on your taxes. sorry to tell you.
12-05-2017 , 09:17 PM
Quote:
Originally Posted by aggo
best defense is to 2fa everything & do not link your phone # to your gmail.
and make sure your carrier has a note in your account that any sim swap must be in person and with photo id (sadly, this doesn't really do anything, as most reps will just initiate sim swap)
do not advertise your phone # anywhere
do not advertise which email account you have that you use for crypto accounts
don't keep any crypto you're willing to lose long term on any exchange


etc.
Is there any reason one couldn't put all their crypto on a SIM-less phone that they don't use for calls and texts, and then get another phone for calls and texts that doesn't have any connection to crypto?
12-05-2017 , 09:57 PM
I don’t know... Sounds like it would work. But in reverse


When you verify yourself with an exchange you should use a phone # and email that is never known or touched on the internet.
12-05-2017 , 10:05 PM
Also these hacks are not isolated to crypto and have always been popular

Social engineering hacks

https://medium.com/@N/how-i-lost-my-...e-24eb09e026dd
https://www.google.com/amp/s/www.wir...n-hacking/amp/
12-05-2017 , 10:30 PM
Another foolproof way to protect against sim swap hacks is changing your carrier to Google Fi.
12-05-2017 , 11:30 PM
It seems like having a phone # recovery method is more of a liability than helpful. Perhaps having your email recovery set only to another email address used for that purpose solely.

I just reset cell provider email to a non important one. And set that email's recovery to another non important one.
12-06-2017 , 12:07 AM
Most carriers allow locking your SIM with a PIN. The PIN can possibly be defeated by a persistent hacker when they call your carrier's CSR, though.
12-06-2017 , 10:09 AM
Switch your cell to something secure if you wanna use gmail to secure anything of value. SMS 2FA is obviously an upgrade over no 2FA, but all these options are dependent on the security of the weakest link. Ease of use comes at the price of security.
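The "weakest link" point made in the posts above can be checked against your own account inventory. The following is an added example, not part of the thread: a small model that lists which accounts fall, transitively, once control of the phone number is lost. The account names, factor labels, and the recovery rules in the three inventories are constructed assumptions, not statements about how any particular provider handles resets.

```python
# Added example: a constructed model, not code or data from the thread.
# A factor is something an attacker may hold: "sms" (control of the phone
# number), "pw:<acct>" (password), "totp:<acct>" (authenticator-app secret on
# the device), "acct:<name>" (control of another account, e.g. a mailbox).
# Each account lists its takeover paths; a path is a set of factors that
# together suffice to log in to or reset that account.

def exposed(inventory, stolen):
    """Return {account: path used} for every account that falls, transitively."""
    held, fallen, changed = set(stolen), {}, True
    while changed:                       # fixpoint: one fall can unlock another
        changed = False
        for name, paths in inventory.items():
            if name in fallen:
                continue
            for path in paths:
                if path <= held:         # every factor on this path is held
                    fallen[name] = sorted(path)
                    held.add("acct:" + name)
                    changed = True
                    break
    return fallen

# Mailbox recoverable by text message; exchange behind an authenticator app.
# Assumption: an e-mail-initiated reset at the exchange still asks for the code.
SMS_RECOVERY = {
    "mail":     [{"pw:mail"}, {"sms"}],
    "exchange": [{"pw:exchange", "totp:exchange"}, {"acct:mail", "totp:exchange"}],
}
# Same mailbox, but the exchange sends its second factor by text message.
SMS_EVERYWHERE = {
    "mail":     [{"pw:mail"}, {"sms"}],
    "exchange": [{"pw:exchange", "sms"}, {"acct:mail", "sms"}],
}
# No phone number anywhere: app codes, recovery through a dedicated mailbox.
NO_PHONE = {
    "recovery_mail": [{"pw:recovery_mail", "totp:recovery_mail"}],
    "mail":     [{"pw:mail", "totp:mail"}, {"acct:recovery_mail", "totp:mail"}],
    "exchange": [{"pw:exchange", "totp:exchange"}, {"acct:mail", "totp:exchange"}],
}

if __name__ == "__main__":
    for label, inv in [("sms recovery", SMS_RECOVERY),
                       ("sms everywhere", SMS_EVERYWHERE),
                       ("no phone", NO_PHONE)]:
        print(label, "->", exposed(inv, {"sms"}))
```

Replace the sample inventories with your own accounts and rerun with `{"sms"}` as the stolen factor; any account that appears in the result depends on the carrier's SIM-change process.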
12-06-2017 , 10:22 AM
Quote:
Originally Posted by Mihkel05
Switch your cell to something secure if you wanna use gmail to secure anything of value. SMS 2FA is obviously an upgrade over no 2FA, but all these options are dependent on the security of the weakest link. Ease of use comes at the price of security.
What do you mean by "something more secure"? A different carrier? Google Fi?
12-06-2017 , 10:26 AM
Quote:
Originally Posted by aggo
looks like you got sim swap hacked, sorry to hear and this is terribly common in the crypto industry

e.g.

https://blog.coinbase.com/on-phone-n...y-423db8577e58
https://techcrunch.com/2017/08/23/i-was-hacked/


do you advertise that you own a lot of crypto on social media? This guy literally tweeted once about coinbase and bitcoin and immediately got simswapped


https://medium.com/@CodyBrown/how-to...m-ba75fb8d0bac



best defense is to 2fa everything & do not link your phone # to your gmail.
and make sure your carrier has a note in your account that any sim swap must be in person and with photo id (sadly, this doesn't really do anything, as most reps will just initiate sim swap)
do not advertise your phone # anywhere
do not advertise which email account you have that you use for crypto accounts
don't keep any crypto you're willing to lose long term on any exchange


etc.



if you pay a ransom you are literally dumber than dirt. it's gone, write it off on your taxes. sorry to tell you.
Yeah, I understand the hack. It's my fault for not having 2FA on the gmail account.

Why do you say that I am dumb if I pay the ransom and to write it off? I would think that time is on my side here anyway. I think I will eventually recover the account. I had 2FA on the polo account so maybe he didn't even get in there.
12-06-2017 , 10:27 AM
Quote:
Originally Posted by NLSoldier
Doubt you need to pay the scammer anything. Google will let you recover your address assuming you can prove it's you afaik.
How would I prove that it's mine?
12-06-2017 , 11:36 AM
How did his Polo account get hacked if Google Auth 2FA was activated?

Are exchanges dumb enough to deactivate 2FA without substantial KYC? Surely, email verification isn't enough.
12-06-2017 , 04:23 PM
Quote:
Originally Posted by bigbluesea22
How would I prove that its mine?
Go through the account recovery - google may ask more advanced questions like who are the last 3 real people you've emailed. You can still get your gmail account back.
12-06-2017 , 04:26 PM
Quote:
Originally Posted by donfairplay
Go through the account recovery - google may ask more advanced questions like who are the last 3 real people you've emailed. You can still get your gmail account back.
Nothing doing. I tried already. This guy put enough security on the account, that it is unrecoverable. (i.e. I don't have his google authenticator or his phone).
12-06-2017 , 07:59 PM
you still haven't answered the most important questions....


1/ do you or have you advertised you own a significant amount of crypto on social media

2/ do you have a trojan on your computer prior to hack
12-07-2017 , 12:59 AM
Seems like your best bet is try to negotiate the 5k down. He'll prob take 1k-1.5k, consider it an expensive lesson and secure better in future