CEO of Flipside Crypto
A legacy email password was changed.
That led to Facebook being compromised.
Which led to my cell phone number being coughed up.
Then. Ugh, then…
My mobile phone went offline.
And that is the hole you can’t dig out of.
Let’s be clear: I use protection.
I’ve set up 2-factor authentication on my major gmail accounts, my applications and all of my crypto products — and well as a do not port on my phone.
But I missed one very, very old gmail account (like most I unfortunately have a random one I’d forgotten about) and — even though it was merely a blackhole of spam email — that loophole was compromised.
That was fixed easily enough, I immediately sprung into action, changing passwords in real time — both Gmail and Facebook have really simple tools to notify of a security breach, prove its you, and update your account. Kudos to both of them.
But once your phone gets taken over, you are in deep deep trouble:
Meanwhile, said hackers are exploring any/all loopholes they can to crack your 2-factor authentication to get to the real stuff: your crypto accounts.
With my phone contact list, they tried some end arounds. At 11:00 PM, my ex-wife (who maintains my last name, so was a natural launchpad) started receiving terrorizing calls on her home phone.
They called over and over and — through a voice modulator, no less — they started demanding,
“Where is Dave?”
Besides weirding her out, they didn’t accomplish much.
Meanwhile, AT&T is on the line. They’re telling me to go to sleep. To call back the next morning.
I become somewhat hostile, and demand the Manager. The Manager is prepared for this. She says they are based in the Caribbean and they have no way of solving the problem (I picture them in an open-air call center under a thatched roof, with the ever-so-distant sounds of Island music floating in on the warm breeze).
“Call the Fraud Hotline tomorrow,” she says.
They open in 9 hours.
Then horrifically, she launches into the standard closing pitch,
“AT&T thanks you for your business, we value you as a customer…
You are apparently a hacker’s best friend.