1. trinamlee's Avatar
    I apologize if this thread is in the wrong place. I'm still rather new to this forum. I have a Curve 8900 and fear it may have been hacked. My monthly bill suddenly stopped coming and I received a text from my phone company that I owed $108. My phone plan costs $65. Apparently, day time calls are being made from my account but not from my phone. I never made those calls. It's still happening at about $100 a week!

    The pin and address on my account had been changed without my knowledge. Nothing else has been tampered with such as my data usage. Only the outgoing calls. Can anyone help me out?

    I did call my provider and they were no help over the phone so I will be going to see them in person. Just wondering if anyone has heard of this or if you have any helpful advice for me. Thanks!
    04-18-10 04:27 PM
  2. Branta's Avatar
    Sounds likie identity theft. Be prepared to involve the cops, particularly if the phone provider is not fully cooperative. In fact consider reporting it anyway.

    Look for evidence your mail has been intercepted or diverted. You should also check all your other accounts, particularly bank and credit card, and make sure any passwords are changed now.
    04-18-10 04:42 PM
  3. trinamlee's Avatar
    I have no credit card info on the phone and I don't use facebook. My email seems to be fine as far as I can tell. Even my data usage is untouched. It's only the outgoing calls. The best the provider has done so far is to offer to send a print out of the numbers being called. They said I can then tell them if there is a discrepancy even though I already told them I didn't use that many day time minutes. This is really frustrating, especially since I still have 2.5 years on this contract. Thanks for the replies.
    04-18-10 05:47 PM
  4. Branta's Avatar
    The items which concern me most are that your bills have stopped coming, and the account address and PIN have been changed. That suggests someone got enough information to impersonate you and have the provider make changes to their records. (Note - I'm assuming your PIN or password for the account, not your BlackBerry PIN for BBM and BIS setup).

    If they can do it to your phone provider they can do it to your bank. The credit card or bank info doesn't need to be on your phone, it could be on a statement in paper mail.

    It is highly unlikely your SIM has been cloned (extremely difficult at a technical level). It is much more likely that a second phone has been added to your account.

    The other plausible option in my mind is that you have installed (probably not realising what was happening) some software which installs a malicious premium rate dialler. These have been a plague in the regular cellphone world for some time, but there are not many successful attacks on BlackBerry users because it needs user permission to install anything. Having said that, a malicious component could be concealed as a hidden stowaway with almost any free "must have" software, so be a little suspicious if you have downloaded and installed anything recently from a source you don't trust absolutely. Before you ask... yes, including free themes or software and updates you clicked to install.

    Now I need to go have a word with that jackass who thinks changing the phone number will help! Unless you are getting nuisance calls there is no point taking the inconvenience.
    04-18-10 06:06 PM
  5. trinamlee's Avatar
    Would a second phone show on the account? I called the provider and told them I hadn't been getting my bill and that I did not change my address. They insisted I was using more day time minutes and not realizing it. Totally not the case. The only things I've downloaded have been Ubertwitter and Twitter app for Blackberry. I pretty much never download and just use the phone for email and twitter. I did receive an odd message through BB messenger that was garbled spam. I didn't click anything, just deleted it. Could that have anything to do with it?

    Thanks for all your help. I appreciate it.
    04-18-10 06:16 PM
  6. Branta's Avatar
    Uber and Twitter for BB are considered reputable. If you downloaded from "official" sources that more or less rules out anything you installed knowingly.

    It is unlikely you could come to harm through BBM messages - but they interest me because you say "garbled spam". That tends to suggest spam, probably something like Chinese or Russian (cyrillic) alphabet which most western users are not configured to use. You should only receive BBM messages from known and accepted contacts, everyone else gets to send Requests which you can accept or reject. I suppose it is possible you also got a direct PIN Message which works like email but uses your PIN instead of an email address.

    Whatever, anything which can operate within your phone to run up costs by pocket dialling would have to be installed first - and that means you have to click OK to something, and allow permissions change. You would be unlikely to overlook that.

    I think when you look at the list of calls, look for premium rate numbers like 1-900 family. They are the mosst likely suspects. If you identify any suspect numbers also check/search the phone's contacts - just in case you have a corrupted entry there, and to save you later embarrassment of finding it's one of your calls.

    The phone app shows you recent calls. There's a way to find a much longer list if you need to check.

    Open any message folder (email will do fine) and view the index of messages.
    Hit the Menu (blackberry logo) button. Select "View Folder"
    Scroll to find "Phone Call Logs" and click on it.

    You now have a much longer list of calls available to review. If you are really lucky you are going to find some of the mystery calls conflict with other calls you made, or were at a time when it was impossible to make calls from your phone (in an aircraft, etc).
    04-18-10 06:59 PM
  7. trinamlee's Avatar
    In regards to the Blackberry messenger spam msg I got, it came up as a BBM alert though I had not yet installed the BBM app that was on my phone. I had to install the app to check the msg. I'm fearing now that the app was corrupt. I have since deleted it. It was the same BBM app that comes default on the phone and the phone was brand new when purchased. I don't even use BBM and never have.

    Thanks again Branta for all your help. You've been more helpful than my service provider. I truly appreciate it.
    04-18-10 07:10 PM
  8. Branta's Avatar
    If you simply used the BBM which comes with the phone it should be OK. Corruption is unlikely and thousands of other users will have used the same app delivered with their phones. However I don't understand "not installed" because BBM is installed and ready to play from the factory, all you need to do is accept the license and enter your name. Maybe that's what you mean.

    The only warning sign would be if the message was a "click here to get BBM" and it wasn't really BBM. If that was the case you would get a clear indication of a download and install.

    If you are still concerned and think your phone is secret dialling after your review of the calls list the fix is simple - wipe the phone's software and reinstall known good software using your own download direct from the RIM website. The mods will be happy to provide advice if you think you need to do this.
    04-18-10 07:23 PM
  9. trinamlee's Avatar
    Just talked to provider again. They insist the calls were made from my SIM. They gave me a number that has been called several times and I do not know it but since its my SIM they say I have to pay it. They suggested changing the SIM. Do you think this would help? It's also showing calls made to a number I do know but I have not called that number and it doesn't show in my phone's log. This is really confusing to me. Have you heard of this happening?
    Last edited by trinamlee; 04-18-10 at 07:46 PM.
    04-18-10 07:41 PM
  10. Branta's Avatar
    Sorry, this will be a long one. I would certainly be demanding a new SIM immediately, and I think I would be keeping the phone off as much as possible until it was activated.

    OK, there are two distinct issues here:
    * Change to your account PIN and invoice/billing address
    * Charges for calls you are disputing.

    Considering the account admin issues there are two obvious possibilities. Either a third party got enough data to impersonate you, or one of the provider's reps is corrupt or made a mistake. If you are not satisfied you could still consider a police report for fraud, and ask the provider to make all the evidence available to the cops. That's a fair bit of work for them...

    That raises an obvious question you should ask yourself - and it doesn't need a public answer at this stage. Is there any way someone you know could have made the changes? It would probably need access to one of your recent phone bills and knowledge of your personal details or PIN, so that tends to restrict it to others living in the same house or maybe someone at work.

    You may get some clues from the false address which had been substituted on your account. Does it mean anything to you?

    If you decide there is absolutely no chance anybody else has access then the provider has some questions to answer and the details of the account changes should be in their internal audit logs. If they can't show the changes were properly authorised with correct identification then you could be talking about negligence.

    The charges issue is more difficult to dispute. If the records really show the calls were made using your SIM your IMEI, and on a tower where you could plausibly be, you may have to accept the calls.

    A few more questions as you plan for tomorrow
    * Is there any way someone else could have access to your phone while you were not looking? Kids etc?
    * You know one number and it is in the phone contacts. Could it have been pocket dialled by your car key? (I know you can't find it in the log...)
    * Is there any comon link on the rogue numbers to give you other clues?

    The fact that numbers are not in the log doesn't rule out malicious premium auto diallers. Some may be smart enough to cover their tracks. Your quoted $100/week certainly fits these evil programs so I won't rule them out, but they usually call at least some obvious premium rate numbers which you should be able to identify easily. (Maybe covering their tracks by pulling others from your phonebook too).

    That raises another question - was the phone supplied new from the provider and always under your control, or did you buy used from a third party?

    However on your side you have the log maintained automatically by the phone, and maybe other evidence that you did not or could not have made some or all of the disputed calls. All you can do in this respect is to keep pushing up the chain of supervisor's supervisor until one side or the other admits defeat. You will get more success with that during the business week, and the indiscretions on account admin might help influence their decisions. In fact I would probably be reluctant to discuss any payment for dodgy calls until they provide a satisfactory explanation how the account got changed to conceal the dodgy calls.

    There is also another more remote possibility if the account admin issues are not resolved. Check the SIM number and other details carefully, because if one detail on your account is wrong maybe other details are also corrupted and you really are being billed for someone else's voice calls.

    With that I'm about out of ideas for the night and I need sleep. If you need more maybe one of the other Canada based mods or experienced Rogers users will step in (I see Rogers in your profile).

    Good Luck
    04-18-10 08:47 PM
  11. MobileMadness002's Avatar
    Quick question, the numbers they say you are calling, are they local, within the US or international? Do you use a calling card for international calls? Have the numbers appeared on previous invoices, you can still see the invoices online I assume. If you can't, then have them mail the bills to you post haste. I've handled a few billing disputes myself and the agents doing the research will review past calling history and the various aspects of the call itself. Like IMEI, IMSI, SIM, calling # and called #.

    Like previously stated, change the SIM immediately.
    04-18-10 09:07 PM
  12. trinamlee's Avatar
    One of the numbers it's calling (more than any other numbers) is my brother's number. He's on the same provider as me but does not have a Blackberry. He also has not been receiving calls from my phone even though our provider states otherwise. My phone was brand new from the provider, it was not used. My provider is showing that my account calls my brother 30 times a week. Completely impossible. I do not call him that often. Not even once a week actually.

    That still doesn't explain the account changes. I'm going to try talking to my provider again tomorrow. I will also change the SIM. Thank you so very much for taking your time to help me. Time is precious and I appreciate it. I will let you know if I get anywhere with this.
    04-18-10 10:03 PM
  13. trinamlee's Avatar
    Quick question, the numbers they say you are calling, are they local, within the US or international? Do you use a calling card for international calls? Have the numbers appeared on previous invoices, you can still see the invoices online I assume. If you can't, then have them mail the bills to you post haste. I've handled a few billing disputes myself and the agents doing the research will review past calling history and the various aspects of the call itself. Like IMEI, IMSI, SIM, calling # and called #.

    Like previously stated, change the SIM immediately.
    The main number it says I'm calling is my own brother which is local. And I haven't been calling him when it says I have. This is very confusing to me.
    04-18-10 10:06 PM
  14. StaticFX's Avatar
    ok, does your brothers account show the calls? if not, there is some proof. Get his statement showing that he is NOT getting those calls, and shows that yours is showing them.
    04-18-10 10:17 PM
  15. skwij's Avatar
    Good luck with Rogers tomorrow.

    Be patient, but persistent.
    04-19-10 12:16 AM
  16. MrObvious's Avatar
    If Rogers is GSM then please disregard, but it sounds like someone may have cloned your ESN.
    04-19-10 02:00 AM
  17. trinamlee's Avatar
    I went to my provider's local outlet today and got a new SIM card. The person there had no answers for me and told me to call customer service. I feel like I'm going in circles. I hope the new card helps. Should I also upgrade my BB OS?
    04-19-10 02:19 PM
  18. Radius's Avatar
    What are the duration of the calls?

    Could it be possible the phone is in your pocket and you're inadvertently calling him if keys get pressed?
    04-19-10 02:46 PM
  19. Branta's Avatar
    I have mixed feelings about an OS upgrade at this stage, My preference is to change one thing at a time and see what difference it makes before the next change. If you are still disputing the charges you should also be guided by your provider's advice, you don't want to destroy the evidence which might prove what happened.

    If/when you decide to upgrade the OS I would suggest a clean install in raw factory configuration rather than an upgrade, then restore only your essentials from backup (contacts, calendar data, messages, etc). When you see how this behaves, then add any extra applications - once again installing from known "clean" manufacturer's installation files.
    04-19-10 03:38 PM
  20. trinamlee's Avatar
    What are the duration of the calls?

    Could it be possible the phone is in your pocket and you're inadvertently calling him if keys get pressed?
    No that's not happening. No calls from me are showing on my brother's phone or his account. It's only on my end.

    Posted from my CrackBerry at wapforums.crackberry.com
    04-19-10 04:45 PM
  21. trinamlee's Avatar
    Ok I will hold off on doing anything with the OS for now. Hoping the fact that my brother's account shows no connected calls with me will help. Keeping fingers crossed. Thanks again to all who have helped me here. I would have been more lost without you.

    Posted from my CrackBerry at wapforums.crackberry.com
    04-19-10 04:49 PM
  22. trinamlee's Avatar
    Just a quick update, after 90 minutes on the phone with the provider I have gotten nowhere. We talked to someone new and they did not see the 30 calls to my brother that someone else saw on the account which is weird to me. They are sending a print out of all calls over the past month. Then if there are still problems I'm to call them again. *sigh* I sure hope nobody else goes through anything like this. It's a real hassle.
    04-20-10 10:26 AM
  23. Branta's Avatar
    Why do I sense a(nother) glitch in the Robbers billing system?
    04-20-10 10:38 AM
LINK TO POST COPIED TO CLIPBOARD