Stay Safe from Mobile Number Scams
In this Article:
In our previous article we spoke about mobile phone accessories designed to keep your device safe from any damage. However, there are many dangers that do not necessarily involve broken screens or chipped frames at all. In fact, these threats are so sophisticated, that the perpetrator doesn’t even need physical access to your device. In this week’s article, we’ll be discussing Port-Out and SIM Swap scams in order to help you recognize the risks and prevent any unwanted intrusion. But before we dive deep into the potential damage these scams can achieve, let’s take a step back and start with the basics. All network operators follow the same number porting system established by the Canadian Radio-television and Telecommunications Commission (CRTC) so that customers can easily transfer to another service provider and keep the same phone number. So, how does each scam work?
The Port-Out Scam
Port-out scams have been around for a couple of years now, but as of late, they’re becoming more and more common. So much so, in fact, that many carriers have been recently taking steps to make it more difficult for scammers to pull it off. It works like this. A scammer first focuses on obtaining some basic information about their victim, such as name, phone number, address, etc. They extract this information by going through their victim’s social media accounts, looking for phone numbers or frequently visited places to get a sense of where they live. They can also try to trick you into giving them this information through fake emails, texts or calls (this is known as phishing). Once they’ve gathered this information, the scammer calls the victim’s carrier and requests to port-out the account to another carrier. Usually, all they need to make the switch is provide the victim’s name, number, date of birth and address. Once the request goes through, they immediately use the “forgot password” feature to log into the victim’s accounts and change the passwords to prevent them from taking back control. At this point, they’ve locked their victim out with their own phone number and accounts, so they proceed to empty all the bank accounts or copy the information on their victim’s device to see if they can find useful information that will enable them to repeat the scam.
The SIM Switch Scam
The SIM Switch is very similar to the port-out scam, and has become the most common scamming method of the two. They have the same basic set-up and serve the same purpose, but they exploit a slightly different angle. You see, SIM cards connect your phone number and mobile service to your phone, so what the scammers do in this case is, instead of requesting the number to be ported-out to a new carrier, they request your account be updated to a new SIM that is in their possession. Once the update is finished, they use the “forgot password” option to access your account, bypassing most security features. This scam is usually done late at night to prevent the victim from reacting quickly, giving them more time to access all of the accounts associated with that phone number.
What can they do with it?
Once a scammer has access to your mobile account, they pretty much have full access to your other accounts associated with that phone number, which means they’re able to look through your emails and social media accounts, make backups of your information, log into your bank account to make transfers, change passwords, etc. Basically, all kinds of horrible things.
What can I do if I fall victim to one of these scams?
If, by any chance, you fall victim to either of these scams, there’s a couple of things you can do to stop the intrusion and prevent further damage. First of all, as soon as you suspect that your phone number has been compromised, log into your bank account from any other device to check if any irregular movements have been made. If you find any, try to change your password and contact your bank or financial institution immediately to explain the situation. The sooner you do this, the better the chances you’ll have to undo any changes. You also might want to record and save everything in a secure device, since any information can be used later when you contact the authorities, whether it’s police or any other fraud-prevention institution, such as the Canadian Anti-Fraud Center..
Once you have your phone number back, access your email and change the password. Make sure to look into your email provider’s security settings to see if they have additional features that could help you prevent this in the future.
How can I prevent these scams?
Naturally, you’re probably wondering how on earth can you prevent this from happening to you, and to this end, we’ve made a brief list of things you can do to make your mobile account safer.
- First and foremost, avoid publishing your phone number on public social media profiles. In fact, do your best to limit the amount of personal information you share on any of your social media accounts, especially if said information could be tied to your password-recovery questions, such as your high school, pet name or old addresses.
- Ask your carrier if they provide additional security features, such as mobile account PINs or passwords. If they do, take the time to set up this extra layer of security, and make sure to keep this information away from any public accounts.
- Never use the same passwords or usernames across multiple accounts. Sharing the same username, or worse, the same password, means that if just one of your accounts becomes compromised, it could put all your accounts using that password at risk. That’s why you should always do your best to create a strong, unique password for your sensitive accounts and change the password often. Also, whenever you change your password, avoid using old passwords. Hackers exchange password lists over the dark web and, although unlikely, one of them could get lucky by trying out your old password, especially if you haven’t changed your username.
- Always be on the lookout for any messages sent by unknown, or misspelled, email addresses, as well as links that take you to a fake website. You can usually recognize these fake email addresses and websites because they contain many spelling and grammatical errors. If you’re unsure about whether a site is fake or not, exit the site and type the domain you’re trying to access into your search engine.
- Finally, don’t respond to online or phone requests for personal information. If you’re unsure about the request, you can always find the legitimate contact information on their official site and use those contact methods to confirm whether the request is real. Never give out your personal or bank account information without first checking if the person, email or phone number actually belongs to the company they claim to represent.
And that’s pretty much it! Hopefully you found some useful information in this weekly article, and if you did, make sure to pass it on to your friends, family or associates to inform them about these nasty scam tactics and prevent any of them from falling victim.
We find the hidden savings in your wireless bill.
Expertel iQ is your cloud-based savings consultant. We optimize how much you can save per month by adding and removing account features based on what you’re actually using. Never pay for unused lines or redundant features again.