How often do you give out your phone number? I'm guilty of doing it countless times at stores and with online retailers. Like most people, I typically don't even think twice about it. It's just what people do, right?
I recently learned, however, that I have basically been handing over the key to my bank accounts and email, readily giving up information to people who are waiting for an opportunity to take advantage of others.
When I looked a little deeper into how scammers are using the information to get access to personal accounts, I found it's a rather common problem. Unfortunately, that was after my husband and I became victims.
Here's how it happens and what you can do to protect yourself.
For us, it was hard to even figure out what was going on. The initial response when my husband attempted to make a phone call was just that it wouldn’t go through.
When we called T-Mobile the next day, the company's answer to our problem was not what we were expecting.
"Sir, you switched your number to MetroPCS," a representative told my husband.
He tried explaining to them that he had done no such thing. And as a T-Mobile customer of more than 10 years, he had no desire to switch services. He'd been a pretty happy customer, up to that moment.
Apparently someone who wasn't my husband got a T-Mobile representative to authorize switching his phone number to MetroPCS. The term has been coined "social engineering," and all the hacker has to do is simply convince a customer service representative that they are you.
The scary part, we learned through days of conversations, is that the new scam is a way for thieves to access people's bank accounts and, apparently, email is of interest to thieves here as well.
The Better Business Bureau says the scammer gathers as much information about you as possible — name, phone number and other personal identifiable information such as birth date, address and Social Security number. Then, they contact your cellphone service provider, while pretending to be you, and inform them your phone was stolen, therefore requesting the number be “ported” to another provider and device.
Once the scammer has your number ported to a new provider and device, they can start gaining access to any accounts that require additional authorization by a code sent to your phone number. Just like that, they gain entry, you are locked out and your accounts are exposed.
Luckily, my husband was able to get his number restored to his phone and our service provider without any additional issues -- although it took two days and countless representatives and managers to get the job done. But we couldn’t help but wonder: How could this have been prevented? It seems too easy, and there doesn’t seem to be anyone who could be immune to it.
The Better Business Bureau and Forbes, however, have come up with ways they say you can safeguard your cellphone number and other important accounts. Here they are:
- Inquire with your wireless provider about port-out authorization. Every major wireless has some sort of additional security for accounts or for port-out authorization that customers can set up, like a unique pin, or add verification question, which will make it more difficult for someone to port-out your phone.
- Watch out for an unexpected “emergency calls only” status in your settings. Call your mobile phone company if your phone suddenly switches to "emergency call service only" or something similar. That's what happens when your phone number has been transferred to another phone.
- Be vigilant about communications you receive. Watch out for phishing attempts, alert messages from financial institutions and texts in response to two-factor authorization requests.
- Disable online access to your wireless account. You’ll now have to go into the store or call to make changes, but it is one fewer way in which a hijacker can hack your account.
- Tell your carrier you’d like to require that changes to your account can be made only in person with photo ID.
Anyone who has already fallen victim to this scam is encouraged by BBB to report the incident here.
Graham Media Group 2018