“Wolf of All Streets”, Scott Melker recalls how he became a victim of SIM Swap Attack in February 2020. However, he was able to avoid losing all of his crypto assets.
Melker posted on his website titled “Security Tips and Lessons Learned from my hack” on August 4, 2020. He shared his experience with the SIM Swap Attack that he experienced. He said that he could protect his access to multiple accounts such as bank accounts, credit cards, and crypto-wallets. This is after a hacker tricked his phone carrier and diverted all communications originally to him to the hacker’s phone.
The hacker was able to get access to his phone number, and text messages, with where OTPs (One-Time Password), 2FA authentication goes through that can get to his funds and accounts. Melker shared that he used a form of 2FA, which was kept in an offline device. He said: “This is the single thing that largely saved me from the most damage. Even with my logins and passwords, they were unable to access my 2FA. This gave me enough time to contact my banks, credit cards, crypto exchanges, etc. and have my accounts locked.”
The hacker/s have previously reported stolen up to 8.7 million dollars worth of crypto assets from the CEO of Veritaseum, Reggie Middleton way back July 2017 during the T-Mobile SIM swap attacks. The same goes for the known investor, Michael Terpin that claims he lost over $24 million worth of crypto after 2 AT&T SIM Swap attacked between 2017 and 2018.
Melker advised, “Never use SMS verification as a part of your 2FA. The Hackers are counting on this vulnerability in a SIM-Swap attack. 2FA is a double-edged sword – it offers protection when used correctly (on a separate device), but allows easy access to everything if it is simply a text message to your phone – because the hacker will be receiving your texts and calls.”
He recommended the use of 2FA on all accounts and advised us to stop using Chrome. He also encouraged to remove phone numbers from exchanges and better to keep assets in cold storage. Melker also showed his frustration with mobile couriers saying, “Clearly we cannot trust the phone companies to protect us.”