Page 1 of 2 1 2 LastLast
Results 1 to 15 of 19

Thread: What safeguards are available from TF from sim swap scams

  1. #1
    Join Date
    Feb 2005
    Posts
    389
    Device(s)
    TF Moto E 2020
    Carrier(s)
    Tracfone
    Feedback Score
    0

    What safeguards are available from TF from sim swap scams

    I've been hearing more in the news about the sim swap hacks. What safeguards are available from Tracfone to prevent this on our phones?
    TZ

  2. #2
    Join Date
    Oct 2014
    Posts
    11,127
    Device(s)
    Pixel 4a, Samsung A51, Moto G Stylus (2021)
    Carrier(s)
    TF/AT&T, TF/Verizon, FreeUp
    Feedback Score
    0
    Quote Originally Posted by tzais01 View Post
    I've been hearing more in the news about the sim swap hacks. What safeguards are available from Tracfone to prevent this on our phones?
    The SIM-swap hack is actually porting a phone number out without the owner's knowledge. TF now requires a Porting PIN instead of the account PIN. You have to text NTP (Network Transfer PIN) to 611611 from your phone to get the Porting PIN texted back to your phone. When I ported 3 TF numbers to Visible between Nov and Dec last year, someone from TF Port Dept called me on the phones involved, texted a security code to the phones for me to read back before they'd release the number. But they don't always call before releasing the number.

  3. #3
    Join Date
    Jul 2008
    Location
    Virginia
    Posts
    4,671
    Feedback Score
    0
    I think basically any carrier that is offering something for free if you port in your number is going to attract people looking for an active number to steal.

    So that would attract fraud at Visible, Metro, whatever.

    Tracfone is doing the right thing by taking this seriously. They can do the right things when they make the effort.

  4. #4
    Join Date
    Feb 2005
    Posts
    389
    Device(s)
    TF Moto E 2020
    Carrier(s)
    Tracfone
    Feedback Score
    0
    Quote Originally Posted by hpham View Post
    The SIM-swap hack is actually porting a phone number out without the owner's knowledge. TF now requires a Porting PIN instead of the account PIN. You have to text NTP (Network Transfer PIN) to 611611 from your phone to get the Porting PIN texted back to your phone. When I ported 3 TF numbers to Visible between Nov and Dec last year, someone from TF Port Dept called me on the phones involved, texted a security code to the phones for me to read back before they'd release the number. But they don't always call before releasing the number.
    Ok, that sounds good along with the security question and password.

  5. #5
    Join Date
    Oct 2014
    Posts
    11,127
    Device(s)
    Pixel 4a, Samsung A51, Moto G Stylus (2021)
    Carrier(s)
    TF/AT&T, TF/Verizon, FreeUp
    Feedback Score
    0
    Quote Originally Posted by tzais01 View Post
    Ok, that sounds good along with the security question and password.
    To port out a phone number, you typically need to provide these pieces of info to the new provider: the phone number, name on the account, the account number, account PIN (TF now requires the port PIN), the zip code of the account. Those pieces of info are known only by someone inside the provider/carrier who can access the customer database, or a hacker who got access to the database. With TF now requires the NTP which is generated and texted to the phone and has a limited lifespan of 24-48 hrs, that makes things harder to illegally port out your number.

  6. #6
    Join Date
    May 2019
    Posts
    73
    Feedback Score
    0
    Quote Originally Posted by hpham View Post
    To port out a phone number, you typically need to provide these pieces of info to the new provider: the phone number, name on the account, the account number, account PIN (TF now requires the port PIN), the zip code of the account. Those pieces of info are known only by someone inside the provider/carrier who can access the customer database, or a hacker who got access to the database. With TF now requires the NTP which is generated and texted to the phone and has a limited lifespan of 24-48 hrs, that makes things harder to illegally port out your number.



    @hpham

    That "port PIN" can ONLY be texted back to the specific phone you are using correct, and NO other device? If so that is great news and a bit of relief, since if you look at another thread here, it appears some other scammers are sending texts from 77890 claiming to be tracfone claiming that they have noticed some "unusual activity" on our accounts and that there is some SECURITY NOTICE we are to click a link to in that text!

    FOLKS DO NOT CLICK ON TEXT LINKS IF AT ALL POSSIBLE FOR ANY REASON NOW....it really appears that some really big time criminals are working overtime to steal your personal information that could even lead to having your bank account compromised!
    t

  7. #7
    Join Date
    Oct 2014
    Posts
    11,127
    Device(s)
    Pixel 4a, Samsung A51, Moto G Stylus (2021)
    Carrier(s)
    TF/AT&T, TF/Verizon, FreeUp
    Feedback Score
    0
    The Port PIN is sent back only to the phone that texted NTP to 611611.

  8. #8
    Join Date
    May 2019
    Posts
    73
    Feedback Score
    0
    Quote Originally Posted by hpham View Post
    The Port PIN is sent back only to the phone that texted NTP to 611611.
    Seems like it would be impossible for a scammer to do an unauthorized port out unless they had your phone in their hands. Correct? They could not use your IMEI or SIM number to forward that to another device correct?
    Sorry to be nitpicking but well some of the stuff I'm hearing about these things now is pretty unnerving!
    Thanks for your help and clarification!

  9. #9
    Join Date
    Oct 2014
    Posts
    11,127
    Device(s)
    Pixel 4a, Samsung A51, Moto G Stylus (2021)
    Carrier(s)
    TF/AT&T, TF/Verizon, FreeUp
    Feedback Score
    0
    If a scammer can spoof his phone to appear as your phone number, then he can steal the port PIN. I don't think it's easy, but can't say it's not possible.
    Previously, the info needed to port out (phone number, name, acct number, acct PIN, zip code) was "static" and any scammer who has access to the customer database can impersonate you.

  10. #10
    Join Date
    May 2019
    Posts
    73
    Feedback Score
    0
    Quote Originally Posted by hpham View Post
    If a scammer can spoof his phone to appear as your phone number, then he can steal the port PIN. I don't think it's easy, but can't say it's not possible.
    Previously, the info needed to port out (phone number, name, acct number, acct PIN, zip code) was "static" and any scammer who has access to the customer database can impersonate you.
    Thanks for the clarification, it seems pretty remote that they might be able to do it. I wonder how that is possible? I suppose I don't want an answer since I don't want to give any information away that could help these criminals.

  11. #11
    Join Date
    Oct 2014
    Posts
    11,127
    Device(s)
    Pixel 4a, Samsung A51, Moto G Stylus (2021)
    Carrier(s)
    TF/AT&T, TF/Verizon, FreeUp
    Feedback Score
    0
    Search the Internet for "caller ID spoofing" to get more info. There are even sites like spoofmyphone.com that sell apps/service to spoof numbers. I don't know if that will fool TF system.

  12. #12
    Join Date
    Feb 2017
    Posts
    152
    Feedback Score
    0
    It's trivial to spoof the number that shows up on caller ID, as mentioned above. I've never heard of someone being able to hijack a phone number and receive the calls/texts sent to it without SIM swapping (which is why TF now requires a text to the phone number before doing the swap.) I'm sure it's possible for someone deep in the phone company, or in law enforcement; but it's not a low hanging fruit for scammers like SIM swapping used to be.

  13. #13
    Join Date
    Jul 2008
    Location
    Virginia
    Posts
    4,671
    Feedback Score
    0
    I'm sure a phone number is more complicated than John Doe 888-555-1212. That's just the part we see to keep it simple.

    I don't think that changing a name would fool a phone company. Our wireless numbers don't even have personalized names.

  14. #14
    Join Date
    Nov 2013
    Posts
    209
    Feedback Score
    0
    Does that mean using a locked Tracfone would prevent or reduce the risk of getting hacked?

    Specifically when using the phone to receive the 2 factor authentication code a bank would send when using your PC to access a bank account. Everything I’ve read says that receiving a 2FA code via text is the least secure method of 2FA because your phone can be compromised.

    SIM swap fraud explained and how to help protect yourself
    https://us.norton.com/internetsecuri...wap-fraud.html

    If the thief can’t do, or easily do, a SIM swap then using a Tracfone should be OK, correct?

  15. #15
    Join Date
    Oct 2014
    Posts
    11,127
    Device(s)
    Pixel 4a, Samsung A51, Moto G Stylus (2021)
    Carrier(s)
    TF/AT&T, TF/Verizon, FreeUp
    Feedback Score
    0
    Quote Originally Posted by StymiedToo View Post
    Does that mean using a locked Tracfone would prevent or reduce the risk of getting hacked?

    If the thief can’t do, or easily do, a SIM swap then using a Tracfone should be OK, correct?
    Whether the phone is locked to TF or not has no bearing on getting your phone number ported out illegally by hackers.

    With TF now using the new Port PIN (instead of the account PIN) being texted to your phone, it's harder for the thief to port your number out.

Page 1 of 2 1 2 LastLast

Similar Threads

  1. Replies: 0
    Last Post: 07-13-2008, 01:14 AM
  2. Wing: what progs are safe to run from SD
    By transportguy in forum Windows Mobile Devices
    Replies: 2
    Last Post: 08-13-2007, 09:48 PM
  3. Replies: 2
    Last Post: 01-31-2005, 07:06 AM
  4. Replies: 5
    Last Post: 07-29-2004, 10:03 AM
  5. Replies: 6
    Last Post: 05-17-2003, 03:31 PM

Bookmarks