Cybersecurity and Fraud Protection
Protect Your Phone Number From Cybercriminals
Your debit card shouldn’t be the only thing that requires a secure pin—your mobile carrier account should have one too.
This article was originally published in Commercial Banking’s magazine, Cybersecurity: Making Security Personal.
Cybercriminals are using a fraud scheme that interrupts mobile phone service by “porting” a victim’s cell phone number to a new carrier without their knowledge. When the victim notices an interruption in cell phone service, they call their mobile carrier for support, only to find that their phone number no longer exists in the system.
Cybercriminals are able to trick telephone companies into thinking that they are the cell phone owner by providing the carrier with a phone number, a home address and the last four digits of a Social Security number. Then, they use the cell phone number to manipulate multifactor authentication verification and gain access to other accounts—including bank accounts saved on the mobile device. All the credentials and sensitive information contained on mobile devices—from banking to travel plans to personal medical records—make mobile devices a rich target for criminals.
Once cybercriminals have accessed your personal data, they can launch additional cyberschemes, such as:
- Using your mobile device to create Distributed Denial of Service (DDoS) attacks on a computer system.
- Using your mobile device to open other accounts by leveraging your credit history and other personal information.
- Installing malware to steal your personal information or take control of your device.
Mobile Phone Security Best Practices
Contact your mobile phone company to learn more about security options. In many instances, you can set up a unique PIN to better secure your account and help prevent criminals from impersonating you. You also can notify your service provider that they must request the PIN before making any changes to your account. Criminals have to know that unique code to access your account, which could make all the difference. Here are some additional best practices to follow:
- Implement multifactor authentication on your accounts and mobile devices (e.g., thumbprint, facial recognition, passcodes, etc.).
- Use security questions with tricky answers.
- Always use unique, strong and different passwords on all accounts.
- Install an anti-virus application on your mobile device.
- Securely destroy old cell phones.
- Always contact your service provider if you notice a service disruption.
- Do not answer “phishy” phone calls or messages and report them to authorities.