Skip to main content
https://www.highperformancecpmgate.com/rgeesizw1?key=a9d7b2ab045c91688419e8e18a006621

How to protect your cell phone number and why you should care

Getty Images

Assuming you have your strong passwords in place and your two-factor authentication set up, you think your accounts are now safe? Think again. There’s much more to be done.

You might think your Social Security or bank account numbers are the most sensitive digits in your life. Nowadays, hackers can do far more damage with little effort using just your cell phone number. But unlike your Social Security number, you’re far less likely to keep your cell phone number a secret — otherwise nobody can contact you!

Whether you’re an AT&T, Verizon, Sprint or T-Mobile customer, every cell phone number can be a target for hackers. And it takes remarkably little effort to wreak havoc to your online life.

Why you need to protect your phone number

Your cell phone number is a single point of failure.

Think about it. You use your cell phone number all the time. You use it when you sign up to sites and services, and sometimes you’ll use it to log into an app or a game on your phone. Your phone number can be used to reset your account if you forget your password. And, you use it for two-factor authentication to securely login to your accounts.

If someone steals your phone number, they become you — for all intents and purposes. With your phone number, a hacker can start hijacking your accounts one by one by having a password reset sent to your phone. They can trick automated systems — like your bank — into thinking they’re you when you call customer service. And worse, they can use your hijacked number to break into your work email and documents — potentially exposing your employer up to data theft.

Just think of every site and service that has your phone number. That’s why you need to protect your phone number.

Gift Guide: The best security and privacy tech to keep your friends safe

How do hackers steal cell phone numbers?

It’s easier than you might think. Phone numbers can be found anywhere – thanks in part to so many data breaches.

Often, hackers will find the cell phone number of their target floating around the internet (or from a phone bill in the garbage), and call up their carrier impersonating the customer. With a few simple questions answered — often little more than where a person lives or their date of birth, they ask the customer service representative to “port out” the phone number to a different carrier or a SIM card.

That’s it. As soon as the “port out” completes, the phone number activates on an attacker’s SIM card, and the hacker can send and receive messages and make calls as if they were the person they just hacked.

In most cases, the only sign that it happened is if the victim suddenly loses cell service for no apparent reason.

From there, it’s as simple as initiating password resets on accounts associated with that phone number. Facebook, Gmail, Twitter — and more. A hacker can use your hijacked phone number to steal all of your cryptocurrency, take over your vanity Instagram username or maliciously delete all of your data.

You can read what happened to TechCrunch’s own John Biggs when his phone number was hijacked.

In the worst cases, it can be difficult or impossible to get your phone number back — let alone the accounts that get broken into. Your best bet is to make sure it never happens in the first place.

What you can do to protect your phone number

Just like you can apply two-factor authentication to your online accounts, you can add a secondary security code to your cell phone account, too.

You can either call up customer services or do it online. (Many feel more reassured by calling up and talking to someone.) You can ask customer service, for example, to set a secondary password on your account to ensure that only you — the account holder — can make any changes to the account or port out your number.

Every carrier handles secondary security codes differently. You may be limited in your password, passcode or passphrase, but try to make it more than four to six digits. And make sure you keep a backup of the code!

For the major carriers:

If your carrier isn’t listed, you might want to check if they employ a similar secondary security code to your account to prevent any abuse. And if they don’t, maybe you should port out your cell phone number to a carrier that does.

Check out our full Cybersecurity 101 guides here.

Comments

Post a Comment

Popular posts from this blog

Uber co-founder Garrett Camp steps back from board director role

Uber co-founder Garrett Camp is relinquishing his role as a board director and switching to board observer — where he says he’ll focus on product strategy for the ride hailing giant. Camp made the announcement in a short Medium post in which he writes of his decade at Uber: “I’ve learned a lot, and realized that I’m most helpful when focused on product strategy & design, and this is where I’d like to focus going forward.” “I will continue to work with Dara [Khosrowshahi, Uber CEO] and the product and technology leadership teams to brainstorm new ideas, iterate on plans and designs, and continue to innovate at scale,” he adds. “We have a strong and diverse team in place, and I’m confident everyone will navigate well during these turbulent times.” The Canadian billionaire entrepreneur signs off by saying he’s looking forward to helping Uber “brainstorm the next big idea”. Camp hasn’t been short of ideas over his career in tech. He’s the co-founder of the web 2.0 recommendatio
Post a Comment
Read more

Drone crash near kids leads Swiss Post and Matternet to suspend autonomous deliveries

A serious crash by a delivery drone in Switzerland have grounded the fleet and put a partnership on ice. Within a stone’s throw of a school, the incident raised grim possibilities for the possibilities of catastrophic failure of payload-bearing autonomous aerial vehicles. The drones were operated by Matternet as part of a partnership with the Swiss Post (i.e. the postal service), which was using the craft to dispatch lab samples from one medical center for priority cases. As far as potential applications of drone delivery, it’s a home run — but twice now the craft have crashed, first with a soft landing and the second time a very hard one. The first incident, in January, was the result of a GPS hardware error; the drone entered a planned failback state and deployed its emergency parachute, falling slowly to the ground. Measures were taken to improve the GPS systems. The second failure in May, however, led to the drone attempting to deploy its parachute again, only to sever the line
Post a Comment
Read more

ProtonMail logged IP address of French activist after order by Swiss authorities

ProtonMail , a hosted email service with a focus on end-to-end encrypted communications, has been facing criticism after a police report showed that French authorities managed to obtain the IP address of a French activist who was using the online service. The company has communicated widely about the incident, stating that it doesn’t log IP addresses by default and it only complies with local regulation — in that case Swiss law. While ProtonMail didn’t cooperate with French authorities, French police sent a request to Swiss police via Europol to force the company to obtain the IP address of one of its users. For the past year, a group of people have taken over a handful of commercial premises and apartments near Place Sainte Marthe in Paris. They want to fight against gentrification, real estate speculation, Airbnb and high-end restaurants. While it started as a local conflict, it quickly became a symbolic campaign. They attracted newspaper headlines when they started occupying prem
Post a Comment
Read more