On June 17, 2018 we heard from a mother who reported an unusual scam that we had never before heard about. The scam targets Sprint account holders and takes advantage of a free phone offer Sprint is promoting. To protect the woman’s identity, we’ll call her Christina. This is her story…
“I wanted to inform you that my Sprint account was hacked, but several strange things occurred along with it. I have two phones on my account, with mine the primary, my son’s the secondary.
#1 strange thing, (4:31 PM) my son received a phone call from an 800 number, (800-584-3666) claiming to be from Sprint. They verified all of the account information, told him there would be a $99 credit on the next bill, and gave him a confirmation #. He texted me from work to tell me this, and I wondered why they were contacting HIM, since they should only contact ME about billing matters.
#2 my phone rang, (about 45 min. later) and when I looked at it, I noticed it was my OWN phone number calling me. Hmm. This never happened before. I answered. Nobody was there.
#3, my son texted me to ask if I changed the security info on my account. I said no, so he sent me a screenshot of a text he’d received on his phone notifying him that the security info had been changed. Again, this should have gone to ME as the primary account holder – not him.
[NOTE: Christina tells us that this security notice arrived about an hour after her son first received the call from the Sprint phone number. It simply said “Security notification information has changed.”]
I tried logging in to my account and could not log in, so I opened a chat with Sprint. Apparently my account was compromised. Someone not only changed my password, but purchased a phone and added it to my account, which generated a $99 credit for a special they had on the phone, then they bumped up the plan I had on my phone.
[NOTE: This was the promotion offered by Sprint! For new customers, sign up for a new plan or for existing customers, increase your plan and receive a $99 credit and get a new phone!]
Luckily, I didn’t wait until I received my bill because the phone was being shipped out of the country, and the international calling charges would have been astronomical!
[NOTICE: Christina was told that the scammers had arranged to ship the phone out of the country!]
They (Sprint) stopped the phone order, created a ticket so I won’t be charged for anything should anything slip through, and set my password back to the original one – but with online maintenance taking place, I need to wait 3-5 days to change it. I just wanted to make you aware so you can tell readers to pay attention if anyone except the primary account holder starts receiving calls or messages about the cell phone accounts!”
These criminals were very sophisticated and thorough. For example, they correctly spoofed the REAL Sprint support number by using 800-584-3666. We have often wondered why this technology is freely available to anyone to use! Phone companies across the United States (world?) should have some type of registration/authorization system in which people/businesses have to verify themselves when they wish to use technology to have a call from one phone number appear as another number. Christina also tells us that the hackers changed two things in her account have hacking it. They changed her sign-in PIN number AND they made it so that alerts were no longer sent to her but to her son!
We asked Christina what the criminals asked her 27-year old son when they asked him to “verify” his account. He told her they wanted the following:
- phone number
- billing address
Also, it is possible that they MAY have tricked the son into saying “yes” over the phone which they may have recorded and used as an authorization, though we cannot be certain.
The security alert Christina’s son received DEFINITELY came from Sprint because their alerts come from the short code 9099 and that’s where the text came from. Again, it went to her son’s phone so whoever was responsible for this FIRST went into her account and changed the primary account holder to be her son before doing anything else so Christina would not receive any of the alerts. Very clever and very thorough!
Though all the details about this scam are not clear, there are several lessons here and tips for people so that they can reduce the risks that this happens to them…
- Cell phone account owners should change their account password. Don’t use a password you already use with email, banking or social media! For tips on creating sets of strong passwords, visit our article “Creating Strong Passwords.”
- If you have children on your phone account with their own phones, Christina offers this good advice… “I have since talked to my son about talking to Sprint or ANY of the other companies about my accounts. He is to tell them from now on to contact the account holder and hang up. If they ask who the account holder is, he’s simply to tell them they should have it in their records and say goodbye.”
- Many Phone services allow you to set up alerts to be notified when charges are made or changes in plans occur. Be sure you have these alerts set up, even though a criminal hacker will likely turn them off when he first gains access to an account. Check to see if you can receive an alert WHENEVER someone logs into your account! Also, if your phone service offers 2-factor authentication to get into an account, turn it on! (2-factor Auth means that in order to get into an account you’ll receive a text code to your phone that will have to be entered in addtion to name and password.)
There are many people on this 800Notes.com page from late 2016 through June, 2018 talking about scams targeting Sprint users. Here are just two quotes that suggest many are targeted by the same scam that hit Christina and her son:
Terry, on May 17, 2017 said “Dude had a heavy Indian accent stating I’ve been approved for $99 phone & wanted my pin code. Sad thing I just upgraded my phone 2 months ago. I kept saying sir I don’t understand 2x, needless to say he was frustrated and hung up. I don’t recall Sprint calling their customers.”
Another person wrote, on May 23 “Said he was with Sprint and my $99.00 rebate would be on my next bill. I said “AWESOME! I dont have Sprint”. He couldn’t understand why I thought it was so awesome if i didn’t have sprint.”
Finally, someone who runs a blog called “Undershirt Guy” was targeted by this scam and described his experience on that website.