If you have been the target of fraud, or your mobile account has been compromised, it is best practice to follow the steps below to protect your account from future fraud. Even if your mobile account has not been targeted, the recommendations below are helpful for securing your mobile and other accounts.

SIM swapping, sometimes called a SIM hijacking attack, occurs when the device tied to a customer’s phone number is fraudulently manipulated. Fraudsters usually employ SIM swapping as a way to receive one-time security codes from banks, cryptocurrency exchanges, and other financial institutions.

A Port Out occurs when a customer transfers their mobile service and phone number to another carrier. An Unauthorized Port Out occurs when the mobile telephone number tied to a customer’s account is moved to another provider without the customer’s authorization. Fraudsters can use Port Outs as a way to hijack your line, intercept your calls and SMS messages.

Your Mobile Account & Device

• Change the password to your online mobile phone account
• Change your account PIN
• Change your secret question and answer
• Confirm your account details are correct (name, address, contact email, any approved users on your account)
• Check your account settings for Voice Call forwarding to ensure it is not enabled without your approval
• Pay attention to any changes, notifications, or text alerts about your account and engage us quickly with any concerns

Your Mobile Phone Number

Important! This feature can only be Turn ON or OFF by the rightful owner of the line.

• Enable Line Lock from your account dashboard. It’s a new security feature that prevents scammers from hijacking your phone number, a/k/a “port out fraud”. All you have to do is login to your account and turn it on to add another layer of protection between you and the bad guys.

• Line lock protects your line from being ported out or having a SIM change. Line Lock statuses:

  Line Locked: Porting out is restricted (member cannot generate a port out pin, any port out attempts will be blocked), SIM and device changes including device upgrades are restricted.

  Line Unlocked: There are no restrictions to porting out or SIM changes.

• A locked line can be unlocked at any time, but when you set it to Unlock there will be a 30-minute delay before it actually unlocks. This is for your protection.
• Pay attention to alerts! We’ll send an email or text to make sure it’s you when there’s any attempt to change your SIM, service, or device.

Your Email Accounts

• Change your password and security questions
• Check your account settings for mail forwarding to ensure it is not enabled without your approval
• If your email provider offers it, leverage enhanced security settings
• Maintain good email hygiene, deleting unnecessary emails from organizations you wouldn’t want an unauthorized user to know you have accounts with

Your Other Accounts

• Any account that uses a text or call to your cellphone to authenticate you is potentially at risk. Change your passwords on all those accounts.
• Explore options for physical security tokens or other protections for financial and other high-value accounts

General Best Practices

• Never use the same password on different accounts or websites. This is particularly true for passwords on sensitive accounts such as banks, email, and your mobile service
• Always use a strong password - at least 8 characters, with letters, numbers, capitals and special characters, and consider changing them every six months
• Consider using unique usernames across all your accounts
• Add a passcode or biometric lock to your mobile device to prevent unauthorized use
• Don’t download apps that aren’t trusted - research any that aren’t well known
• Keep your mobile operating systems up to date
• Run antivirus on your mobile devices
• Opt into enhanced security wherever possible. This can be found on the security settings pages of your various accounts.
• Never give out passwords or personal information to an unsolicited caller, or in response to an email or text message, even if it sounds or looks legitimate. Call them back or visit their main website to be sure you’re really talking to who you expect.
• Don’t click on unexpected or unknown links sent to you in text from an unknown source

This is not meant to be a full and exhaustive list, and you should always exercise caution in all aspects of the security around your accounts, and your online activity.