Resetting an account password is like asking your hardware store to create a new key for your home. Many use their phone numbers as a way to retrieve temporary codes to change their passwords for convenience.
But this method is also convenient for thieves who are looking for ways to access your most important accounts online. In some cases, knowing your name, phone number, and the operator of your phone is all a thief needs to inflict real damage.
NBC 5 Responds has discovered that new federal regulations may help you better protect yourself against these types of schemes in the future, but for now, it’s wise to implement stronger protection yourself.
To begin with, ask yourself the following question: How many accounts have you linked to your phone number for security reasons? What if someone stole your number from you, could they gain access to what matters most?
This is what happened to a man in Joliet, who told NBC 5 Responds that his worst fears came true when his phone suddenly stopped working.
âI went to make a call and he didn’t make a call,â Phil Michno said. “I log into my email and couldn’t, it said ‘Password changed.'”
To find out what was wrong, Michno said the first call he made was his phone carrier: Boost Mobile. But the call left him with more questions than answers.
âI called Boost Mobile and said, ‘Hey, what’s going on with my phone? It’s not working.’ And they said ‘Oh, we see you’ve changed to another company,’ âMichno explained. “I said ‘I never changed for another company!'”
Michno said that the representative of Boost Mobile told him that they had received a request – allegedly from him – to transfer his number to another carrier.
But Michno was not the person who made the request, a point he conveyed to the new operator to which his phone number was moved during a conference call with Boost Mobile.
What happened to Michno is called the “SIM swap”.
The way the SIM swap works is a con artist, who imitates you, convinces your current telephone company to port your number to another company through your “subscriber identity module” or SIM.
This SIM card is then virtually connected to the thieves’ device, and now they have access to everything on your phone, including password recovery texts. When they arrive, a con artist is sitting right there, receiving them.
SIM Swapping is a system that the reports of the Federal Communications Commission hundreds of people fall prey to it every year.
In Michno’s case, the thieves went looking for his CoinBase account containing $ 135,000 worth of BitCoin, savings he said were supposed to be the basis of his daughter’s college fund.
Michno said that by contacting CoinBase to warn them that it had been hacked, they told him it was too late. âThey wrote: ‘Oh, we found out that you were the victim of a SIM card swap.’ And all of your bitcoins have been stolen, âMichno said.
In a statement, CoinBase told NBC 5 Responds that it is prohibited to share details of Phil’s loss.
In most of the cases, the company said it “does not cover lossesâ¦ due to a compromise of a client’s login credentials”.
Michno said his case was now in the hands of the FBI and the Bureau told him that many people were victims of SIM card swapping programs. And the longer you’ve had your phone number, the more information a hacker can find that might be available and related to your number.
The FCC said that with the increase in the number of customer data breaches in recent years, more information about customers, such as a person’s phone number and operator, is available in the markets. unlawful acts of the dark web.
This is why Michno believes that telephone operators have a responsibility to protect their customers’ information and phone numbers from unauthorized transfers.
âBoost Mobile gave my number. They were my carrier, they didn’t protect my information,â Michno said. “These mobile operators have to be responsible for the information of the people.”
For its part, Boost Mobile said it was “determined to investigate [Phil Michnoâs] problem and find out how the fraud happened.
A spokesperson for the company also said it had recently “implemented several procedures … to prevent fraudsters from tampering with the system.”
This type of customer protection may soon be mandatory at all levels in the United States.
The The FCC has proposed rules it would force phone operators to do a lot more to authenticate if a customer is really the person requesting a phone number change to a new device.
How to protect yourself against SIM swapping
While new federal rules for carriers may require stronger protection, there are ways to protect yourself.
First, contact your telephone company to see if it offers any protection against unauthorized transfers.
These services are called “number blocking” or “number blocking” and are sometimes as easy as checking a box in your profile. If this service is not available, the FCC suggests asking your carrier if you can set up a required number or password in order to port your number to a new device.
Another way to protect yourself is to use two-factor authentication for passwords. To learn more, Click here.
For more tips on how to prevent a SIM swap, watch the video below.
Have you received an alert that your SIM card has been activated on a new device? Your phone may have been hacked by a scammer, and here’s what you can do to prevent that from happening.