Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
AT&T Launches Account Lock to Combat SIM Swapping Scams
- Thread starter MacRumors
- Start date
- Sort by reaction score
I also have Verizon and have the features turned on. When I buy a new phone and use the same phone number as before, I do not have to disiable the feature to upgrade the hardware. At least not when I bought my 15 Pro Max, my Ultra2 watch, and my wife's 16 Pro and her Series 9 watch.
In fact, I forgot I even had that feature until I read this article and checked. It's on for all devices on my VZ account.
Unless that has all changed more recently.
It required me to disable it on the Apple app to upgrade. I never tried it on the Verizon app, as I always upgrade through Apple and never Verizon.
I don't upgrade through Verizon. I go through Apple. But I use desktop Safari pointed to the Apple store website, and pick up in the B&M store sometimes, and ship to home other times.
I'll probably upgrade to Apple Watch Ultra3 and iPhone Pro Max 18.
I use Apple’s app to upgrade and now that I think about it, I noticed that I never had to disable it when I upgraded to the 15PM almost 2 years ago. I know ahead of time what to do to upgrade to the 17PM in September.
Good idea by AT&T.
I used to work for one of the big carriers and the amount of fraud and scamming is mind-blowing. They're all losing millions to account hijacks, SIM swapping fraud, phone upgrade fraud and on and on. Scammers and fraud rings are setting up fraudulent accounts with stolen credit cards and then sending the phones overseas. Gone forever
The SIM hijack is scary insane because once somebody has your SIM, they can access all your accounts with 2 factor. I know people who have been burned, so they have an unlisted burner phone as the 2 factor for their bank accounts and investment accounts.
I used to work for one of the big carriers and the amount of fraud and scamming is mind-blowing. They're all losing millions to account hijacks, SIM swapping fraud, phone upgrade fraud and on and on. Scammers and fraud rings are setting up fraudulent accounts with stolen credit cards and then sending the phones overseas. Gone forever
The SIM hijack is scary insane because once somebody has your SIM, they can access all your accounts with 2 factor. I know people who have been burned, so they have an unlisted burner phone as the 2 factor for their bank accounts and investment accounts.
Unintended consequence: Employees can no longer scam you into a new line, jam unwanted features, or scam you into an upgrade (will a bill credits "contract") for commission every time they interact with you without your consent
Both sides in my opinion are responsible. They need to do better about advertising this stuff without a doubt. But that shouldn’t stop customers from being proactive about securing their accounts. I can understand having a differing opinion and I respect that, this is just mine. 🙂
Thank you I was able to find itTurn Wireless Account Lock on or off
You can only turn Wireless Account Lock on or off using the myAT&T app. The app needs to be installed on a device that is active on your Wireless account. Download the myAT&T app now
Good to know: Any time a user turns Wireless Account Lock on or off, we’ll send an email to the primary account holder and a text message to each active wireless number on the account.
- Open the myAT&T app. Sign in, if asked.
- Select Services (second tab at the bottom).
- Choose Mobile Security, then scroll to and select Wireless Account Lock.
- Scroll to and select Continue.
- Choose the account that you want to lock or unlock.
- Swipe to lock or unlock the account.
Learn About AT&T Wireless Account Lock
Wireless Account Lock is a free security feature available for AT&T wireless customers through the myAT&T app.www.att.com
So it was enough to call from that number to ask them to change the SIM?! No authentication required? 😱
In my country, once you replace the SIM Card (either from one eSIM to another or physical SIM to eSIM vice versa) you can’t send or receive SMS for one day. You can receive and make calls and. Use DATA. To activate the eSIM you could provide alternate mobile number or the email id to receive the SIM activation OPT SMS. One can safeguard their number within this 24 hour time period.
Actually, there is a biometric lock and unlock feature available for one of our country’s important ID Card which links your biometric to the ID which is actually used for many KYC ad ID verification process. You can use your mobile (ONLY from the registered mobile number) app to either switch on or off the lock for Biometric verification. I normally, enable it just before the use and disable after the use.
Actually, there is a biometric lock and unlock feature available for one of our country’s important ID Card which links your biometric to the ID which is actually used for many KYC ad ID verification process. You can use your mobile (ONLY from the registered mobile number) app to either switch on or off the lock for Biometric verification. I normally, enable it just before the use and disable after the use.
Last edited:
I already have a PIN on my ATT account that supposedly makes social engineering harder.
What is the difference between this and the PIN, and are they still using the PIN?
What is the difference between this and the PIN, and are they still using the PIN?
They probably were, but a, most people don't really go into their accounts looking for these features, and b, AT&T probably just wasn't doing a good job of advertising such features
Me too. I just went in to turn this on, thinking it was different or enhanced from the other option I had enabled 6 months ago, and sure enough, it was the same exact security option I had already enabled 6 months ago.
t-mobile has a similar feature, but theirs is definitely susceptible to social engineering (or at least it was when i got sim swapped around 2020). i was so furious because they promoted this great new security feature so much, and they didn’t warn me at all in my email or by texting before the port, instead i found out when i woke up to a “no service” status on my phone.
that scammer wasn’t even in my home state but in texas, yet t-mobile reps fell for the social engineering, and the scammer used the sim to take money out of my bank of america account via sms authentication, which laughably was the only 2fa option they had. i couldn’t believe they didn’t stop the transaction when the scammer wasn’t even in my state. after a very lengthy call with their fraud department, i did get the money back about a month later.
that scammer wasn’t even in my home state but in texas, yet t-mobile reps fell for the social engineering, and the scammer used the sim to take money out of my bank of america account via sms authentication, which laughably was the only 2fa option they had. i couldn’t believe they didn’t stop the transaction when the scammer wasn’t even in my state. after a very lengthy call with their fraud department, i did get the money back about a month later.
I would love to get away from texts as a 2FA method. 2FA via the bank app is one thing but even then I'd prefer to have use something different like 1Password.
