Your Hacked Mobile Phone Number is Like Your Social Security Number
If you have a cell phone, and you use it in any way associated with accessing online accounts (and many do), you are putting yourself at risk of getting hacked. With only a phone number and a bit of information, which is easy to get through social engineering, a hacker can break into your personal and financial accounts.
This works by getting information about you, such as your birthday, address, or even the last four digits of your Social Security number…information that is readily available…and then creating a plausible story to gain access to your phone account, phone and various online accounts. Once they have access to your accounts, they can change the phone number, get a new sim card and then change account passwords, and you will be unable to access the affected accounts. Below, you will find some tips to help you protect your phone number:
Use a Passcode
If you have the option to put an additional passcode on your phone account, do it. Though this isn’t foolproof, it will certainly help to give you some added protection.
Disable Online Access to Cell Phone Accounts
I’m not doing this, but some should. This might be frustrating, but it will further protect you. If you need to make a change, you can call or go into the store.
Consider Using Google Voice
Google Voice is a safer option for many, and you can even forward your existing number to Google Voice. This helps to mask the calls you make, which means no one would have access to your real number.
Use a Carrier-Specific Email to Access Your Mobile Phone Account
If you are like most people, your email address and phone number help you to access most of your internet-based accounts. Ideally, instead, you should have a minimum of three email addresses: your primary address, one for your mobile phone carrier only, and one for sensitive accounts, such as your bank and social media. This way, if your primary email is compromised, a hacker cannot access your sensitive accounts.
Ask Your Carrier for Account Changes
Finally, you can ask your carrier to only allow account changes in person with a photo ID. Though there is still a chance that a hacker could pose as you with a fake ID, the chances are much lower.
There are also some steps that you can take to protect all of your online accounts:
Create Complex Passwords
One way to protect your online account is to create complex passwords. It’s best to use a password manager that creates random, long passwords. If you don’t use a password manager, create your own password of random numbers, cases, and special characters. These might include “4F@ze3&htP” or “19hpR$3@&.” Try to make up a rule to help you remember them.
Don’t Tell the Truth
Another thing that you can do is to stop being truthful when answering security questions. For instance, if a security question asks what your mother’s maiden name is, make it up. Something like this is too easy to guess…just make sure you remember it!
Don’t Connect Your Phone Number to Sensitive Accounts
You also should make sure that you are not connecting your phone number to any sensitive accounts. Instead, create a Google Voice number and use this for your sensitive accounts.
Use Passcode Generators
Passwords are easily stolen via key loggers, which is software that records keystrokes. You can protect yourself from this by using a one-time passcode generator. This is part of the two factor or multi factor authentication process. These generators are wireless keyfobs that produce a new passcode with heavy frequency, and the only way to know the passcode is to have access to the device that created the passcode.
Use Physical Security Keys
You also might want to consider using physical security keys. To use these, people must enter their passwords into the computer, and then they must enter a physical device into the USB port, proving that they are the account owner. This means, in order to access an account, a hacker must not only know the password, they must have the physical device.
Finally, if you really want to protect your internet accounts, you should use biometrics. You can purchase biometric scanners, such as those that read your iris, fingerprint, or even recognize your voice. When using these, you will be unable to access your accounts unless you provide this biological information. There are a number of devices on the market that do this.
Though these steps might seem a bit time-consuming, they can be the difference between keeping your private and financial information safe and getting hacked.
Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.