Sporeondeloreon So do you think something like graphene with a new phone would be more of a waste.
No
Sporeondeloreon Seeing that they don’t provide more security against malicious attacks such as phishing.
As I understand phishing is the worst enemy as remote hacks are next to non existent for iOS.
You are confusing phishing and RATs (remote access trojans). Phishing is the attempt for you to click a link or downloading something so that you willingly install malware or are redirected to a malicious site (something like a mirror of a bank) that pharms credentials. Phishing is just the first step to try and bait you into what will actually happen next. A RAT on the other hand is what you're talking about where malware has been put on your device and the attacker now has complete control over your device. Pegasus is an example of this and has been used successfully against iOS
Sporeondeloreon I had gotten on App Store and tried to download cash app and it asked for my social security number and full…
Legal name.
This is probably normal considering KYC laws.
Sporeondeloreon That and the other websites appearing with the legitimate url (such as https rather than http or…
HTTPS and HTTP are both "legitimate", one is encrypted and one is not, you should only be using HTTPS if possible.
Sporeondeloreon And my usbank account got 100 usd subtracted from PayPal I go into PayPal the only one I use and it doesn’t have this transaction.
Call the bank and paypal
Sporeondeloreon So when trying to get to usbank it routes me to the scammers asking for ssn bank loan things full legal name…
How do you know it's rerouting you to "scammers"?
Sporeondeloreon I’d like to get a hold of them but I can’t redo so to get my money back I need some advice.
Again, call the bank.
Some generalized advice,
Go in and change all of your passwords for your accounts and make each one of them unique. Use a password manager like keepassxc and keep them stored in there so you can remember them.
Use two factor authentication wherever possible and consider purchasing a yubikey to do so. If you have the option, always use something other than SMS for two factor authentication (authenticator app, hardware key, etc) so that you close the attack vetor from sim swaps.
If you get sent links in emails and text messages stop opening them, if you want to add an additional layer, screen the links by putting them in a URL scanner like virustotal.com.
I don't know where you live, but the US has KYC (know your customer laws) which were created to help stop the funding of terrorism. Because of this, financial institutions will be asking for your PII (personal identifiable information) such as your SSN, DOB, NAME, etc. This isn't out of the ordinary, you just need to make sure that you are actually speaking with the institution and not a scammer. My advice is if you receieve a "we need to talk to you" call, email, or text, don't answer it, lookup the contact information online (check on multiple sources) and then contact them this way or contact them in person.
No one here can help you get your money back, we can only give you advice on how to minimize further damage and how to help prevent it in the future. The only person who can help with the financial side is your financial institution.