Seeking advice on Facebook stolen phone number hack

[BobTheHawkHater]

I'm not a Facebook user but my daughter is. Last Friday she received a few texts on her iPhone from an unknown 5-digit number saying:
"<#> xxxxx is your Facebook code ...."

She blew these off thinking they were some sort of random phishing deal. Today, 3 days later, she received a legit email from Facebook saying:
"We wanted to let you know that your mobile number xxx-xxx-xxxx was verified and registered by another person on Facebook. This mobile number is still associated with your account. If you're still receiving SMS notifications from Facebook, the person that just confirmed may also see any Facebook SMS notifications that will be sent to you."

She recently upgraded from an older iPhone that uses a SIM card to a newer iPhone 15 with eSIM.

She did a little digging on Facebook and can see the profile of some guy in India that registered her phone number to their Facebook profile. She has communicated this issue with her phone provider and Facebook but no real feedback yet except "watch your accounts, change passwords, use 2 factor authentication".

Anybody have any experience with something like this? How worried should she be?

If they somehow cloned her phone account / SIM card, would that allow them to see any text message sent to her iPhone via iMessages? I feel like they probably can, right, since they probably were getting the messages at the top of my message above when they were originally associating her phone number with their Facebook account and going through the 2-factor authentication.

Thanks in advance for any advice.

 

[AllInForISU]

I am pretty sure iMessage uses your Apple ID. Texts are over SMS and that is not the same as the iMessage. Sorry, sounds like a sucky situation.

 

[simply1]

I'm guessing that the vulnerability is in Facebook, and so the phone number and messaging aren't compromised. That would be far easier to hack around than what you're worried about. She could probably do a "recovery" on that fake Facebook account to gain access and delete it since it would go to her phone number.

 

[GBlade]

Here is an article regarding eSIM hijacking: https://intel471.com/blog/a-look-at-esims-and-number-hijacking

Does your daughter do online backing or crypto? The target might not just be limited to her Facebook account, but that maybe just the first domino.

Your daughter needs to have a new eSIM created for her number and additional protections added to her carrier account. Likely should be done in person as they should check ID in this situation. Then change ALL passwords to unique random passwords for all accounts (email, Facebook, bank, iCloud, etc...).

 

[BobTheHawkHater]

Thanks everyone for the very helpful advise. I always joke with the family that you can ask anything on CF and some expert out there will reply with quality advice.

 

[KrustyRuss]

If the verification phone number linked to the account is compromised, the hacker might receive all the security codes instead of you. I had a similar issue once, and the best thing I did was update my recovery contacts and enable extra security steps where possible.

 

[demoncore1031]

People in India are shady as hell, and the biggest pervs in the world.

I'm not a Facebook user but my daughter is. Last Friday she received a few texts on her iPhone from an unknown 5-digit number saying:
"<#> xxxxx is your Facebook code ...."

She blew these off thinking they were some sort of random phishing deal. Today, 3 days later, she received a legit email from Facebook saying:
"We wanted to let you know that your mobile number xxx-xxx-xxxx was verified and registered by another person on Facebook. This mobile number is still associated with your account. If you're still receiving SMS notifications from Facebook, the person that just confirmed may also see any Facebook SMS notifications that will be sent to you."

She recently upgraded from an older iPhone that uses a SIM card to a newer iPhone 15 with eSIM.

She did a little digging on Facebook and can see the profile of some guy in India that registered her phone number to their Facebook profile. She has communicated this issue with her phone provider and Facebook but no real feedback yet except "watch your accounts, change passwords, use 2 factor authentication".

Anybody have any experience with something like this? How worried should she be?

If they somehow cloned her phone account / SIM card, would that allow them to see any text message sent to her iPhone via iMessages? I feel like they probably can, right, since they probably were getting the messages at the top of my message above when they were originally associating her phone number with their Facebook account and going through the 2-factor authentication.

Thanks in advance for any advice.

I have heard similar stories about guys in India doing this. I think a lot of guys there spend all of their time on facebook, scamming people and sending wang pics to random women. Disgusting.

 

[VeloClone]

People in India are shady as hell, and the biggest pervs in the world.

I have heard similar stories about guys in India doing this. I think a lot of guys there spend all of their time on facebook, scamming people and sending wang pics to random women. Disgusting.

To be fair there are about 1.5 billion people in India (they have now passed China as the most populous country) so there are probably going to be more nefarious characters than in most other countries since there are so many fricken people. Their period of British colonization probably doesn't help either since there is such a high proportion of English speakers there which makes running scams like this in the English speaking world so much easier.

 

[Cyclones01]

Whenever possible, use an authenticator application instead of SMS for MFA.