• Ian Ippolito

How to protect your investment (and other) online accounts from the phone porting scam

hackers stealing millions

In part 1 of this article, we talked about how hackers are stealing millions of dollars from investors and consumers using just a phone number. In part 2 of this article, we'll talk about how you can protect yourself from this new scam. Doing the two-step The 1st step is to harden your cell phone account at the phone company to make it harder for the casual hacker to steal your phone number. You do this by placing restrictions on your account that theoretically prevent the hijacking from happening. In an ideal world, this would be enough. Unfortunately, the customer service reps don't always correctly honor the restrictions, and many people have still been vandalized despite this. So while it's a good 1st step, it's not enough. The 2nd step is to harden your sensitive online accounts (email, financial, social media, storage etc.). There are 2 ways to do this, with the more difficult one being the more effective. "Harden your heart" First, you need to harden the cell phone account at the phone company. As I mentioned, this is not foolproof, because customer service reps don't reliably honor these. However, they are really good 1st step to stop a casual hacker. A security advisory at Kraken recommends the following:

  • Set a passcode/PIN on your account

  • Make sure it applies to ALL account changes, all numbers on the account.

  • Ask them what happens if you forget the passcode, and then ask them what happens if you lose that information too. This will let you know what you're up against.

  • Institute a port freeze