@Dashrender said in Equifax claims process is now open:
@Nic said in Equifax claims process is now open:
Yeah they were definitely social engineering and using stolen info to do so. They were answering my Paypal security questions before they resorted to the SIM cloning. I had to change my answers to the security questions to strong passwords instead of actual answers about what my first pet was named. I knew they were fucking with my phone because it kept ringing and then hanging up instantly. I'm assuming they were testing out their setup before triggering the 2FA text.
Aww - yeah that definitely sucks. And they did this twice?
Does PP not offer a OTP option - i.e. offline app only on your phone, not SMS for 2FA?
Yeah they did it twice, within the span of a couple weeks. The first time I didn't realize they were using info about me to answer security questions to reset the password, so I just changed my password and turned on 2FA. The second time was when they started using the text 2FA to get a verification code to change the password.
PP didn't offer any other 2FA options than SMS at the time, but it looks like they've finally gotten with the times: