Those scammers are at it again. One of the latest scams affecting people today is the mobile phone port-out scam. This is where fraudsters impersonate mobile phone users to have their information transferred to a different carrier, thereby stealing their victims' phone numbers. Once the information has been transferred, the con artist will be able to receive all texts and calls meant for the original user, including those that can be used to access a member's online banking account. If only they could put their creativity to good use
This is obviously bad, and you definitely don't want to fall victim to these fraudsters. So what can you do to ensure some mustache twirling urchin of society doesn't steal your phone number and gain access to your most valuable and sensitive information? Luckily there are a few steps you can take to protect yourself:
A fraudster will often port a user's phone number to a different carrier after they have already stolen the user's account login credentials. This increases the risk of an account takeover through online banking because many credit unions offer out-of-band authentication, where a one-time passcode is sent to the user's phone via text message when logging in. Using an app-based, rather than text-based, out-of-band authentication can help mitigate the risk of account takeovers, like Bellwether's app!
In fact, the National Institute of Standards and Technology (NIST) indicated in its Special Publication 800-63B (Digital Identity Guidelines) that the use of a secure app-based method of pushing one-time passcodes is more secure.
As if getting your phone number stolen and having your online banking accounts be in harms way wasn't enough, now you also have to watch out for your credit and debit cards! If a scammer has ported your phone to a new carrier they could also use a counterfeit or stolen credit/debit card to make transactions. I know, these people are the worst. If a card processor's fraud management system detects a suspicious transaction, they could attempt to contact the cardholder by phone. You can see how this would be a problem if someone has stolen your phone number?
It's best practice to check your credit/debit transactions often to be sure no fraudulent transactions have taken place. If you notice anything suspicious, get in touch with your card processor immediately.
Oftentimes, public email service providers will use out-of0band authentication using one-time passcodes sent via text message. This could lead to a compromise of your personal email accout after a scamster ports a phone number to a different carrier.
Many major phone carriers, like T-Mobile or AT&T, recommend customers to place a "port validation password" on their accounts. This means that if you, or someone more nefarious, wants to port your phone to a different carrier, the new carrier would first have to provide the "port validation password" to the existing carrier before the switch to take place. This just adds another layer of security to protect your account.
Follow these steps and you will make it much harder for someone with ill intentions of stealing your information through the mobile phone port scam. If you fear you have been the victim of this or any other identity scam, get in touch with your financial institution or card processor immediately. Keep your head on a swivel!