Porting allows you to transfer your current mobile number over to a new carrier. It’s helpful because it frees you from having to inform all of your current contacts about your new phone number, which, depending on how many contacts you have, can be a tedious and time-consuming process.
Unfortunately, porting does introduce a vulnerability in your information security. Scammers have figured out how to request phony port-outs, which, if successful, allows them to circumvent two-factor authentication (2FA) protection. If a thief tries to sign in to your account and you have a certain form of 2FA enabled, a text is sent to your phone with a code required to complete the sign-in. A phony-port out of your number allows a thief to interrupt those text messages, thus granting them the 2FA code and access to your information.
This type of theft is referred to as a “cross-account take over scheme” because it allows the thief to gain access to numerous accounts with very basic information (e.g. email address, or financial account ID).
Various carriers have established their own forms of request validation to help prevent this practice and we recommend you ask your provider how they manage this risk. Also, there are third party authenticator applications such as Google Authenticator which generate unique codes each time you sign into your accounts. Since they are apps, they live on your phone and the unique codes are not sent via SMS.
If you have any questions about cybersecurity threats and your personal information, please contact us.