Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Carrier Phone Number Port Out Scam?
- Thread starter KUguardgrl13
- Start date
- Sort by reaction score
The text is legit.
There has been an ongoing port out scam with T-Mobile for the last few months. Typically it's affecting T-Mob customers who are also customers of Wells Fargo or Chase Bank AND who have 2FA activated for those banks where an SMS code goes to your phone for password reset verification.
Basically, here's the scam…
Thief calls T-Mob because he has at least the last four of your social and T-Mob uses/used that as the PIN for your account.
Port number to a different carrier.
Visit your bank's website and click on "Forgot Password".
Code goes to THIEF's phone not yours - because they ported your number to their phone.
Thief now has full access to your bank accounts. And guess what, you are locked out and you've got to prove you are the injured party to the bank.
Begin transfer of bank account money elsewhere.
The most common method of transport has been Zelle, a payment system almost all the banks have integrated.
The way to defeat this?
Give your bank an alternate number if the policy is SMS for password resets. A Google Voice number is good or some other number that is unlikely or difficult to port (such as your home phone).
Lastly, add Port Validation to your account at T-Mobile. It's a 6 to 15 digit pin code and it's NOT based off the last four of your social.
Add a password to your account. It's additional security and you can tell them to set it in their system that they must ask you for this before giving you access to the account.
The Port Validation pin code is also your account PIN when you change this. So adding a password is double security.
The only breakdown in this is that if some uniformed T-Mobile rep ignores all the security and goes with the last four of your social for identity verification. They are NOT supposed to do that anymore - but it can happen.
BTW, T-Mobile is not the only company this happens to but right now it's the one that has it happening the most.
Oh yeah. Most people have been figuring this out hours after the fact because they didn't question why ther device had lost service until they got an email saying their bank account password had been changed.
Last edited:
It is astonishing that for me to access my video games a company like Ubisoft can require two-factor authentication (with one of the factors being a one-time password algorithm that changes every 2 minutes), but for me to access my life savings it's just a stupid SMS verification to a phone number that's probably plastered on every "lookup a person" website on Earth.
Hmm. We’ve only been with T-Mobile since last March, so I’m not sure what my PIN is but hopefully not the last 4 of my SSN. I bank at a small credit union. I’m not sure they have 2FA. I think they still use security questions XD
[doublepost=1518747607][/doublepost]
Sorry, I could hav sworn I got the particular message in the screenshot.
“T-Mobile Alert: We have identified an industry-wide phone number port out scam and encourage you to add account security. Learn more: t-mo.co/secure”
[doublepost=1518747795][/doublepost]
Edit above: Apparently when I edited the original screenshot to redact personal information, I forgot to zoom back out to the original size. Oops!
T-mobile now offers a port PIN you can have setup you choose the PIN and before your number can be ported you have to verify this PIN.
You can call them to set up or use T-Force on twitter to do it.
You can call them to set up or use T-Force on twitter to do it.
Well, don't feel too safe. As I said, this happens with all four carriers.
Right now it just happens to be T-Mobile in the undesired limelight.
Yup, but my last 4 SS #s will be an ordeal to figure out and my AT&T pin is not that.
Good!
I've done my best to secure my own accounts (non T-Mobile numbers for banks, CCs, etc) and my bank has had my back in the past. About all you can do.
I called T-Mobile over it. Through 611. It is legit. I set up a pin.
When I called T-Mobile the other day on something unrelated they asked me to do this. Also, once you have switched over, the automatic voice system asks for that number instead of your ssn.
Edit: someone mentioned above (not my quoted post) that it happens to be T-Mobile in the limelight. From what I have read, this is not true. This is something that will affect all carriers. T-Mobile just happens to be at the forefront of warning their customers.