cancel
Showing results for 
Search instead for 
Did you mean: 

SIM Swap Fraud: 2 factor-authentication

J_PM
Public Mobile
Public Mobile

Hey Community, 

 

We’re pleased to announce that as of July 14, 2021, SIM card changes have been re-enabled in My Account

 

We have now implemented an additional step in the form of a 2 factor-authentication code to secure this process. This code can be sent via SMS or email, and must be verified to complete the SIM swap.

 

For more details, please see below.

 

Jade_S_0-1626272276129.png

 

All the information below can be found in this Help Article. 

 

What is SIM swap fraud?

Efforts by fraudsters to gain unauthorized access to customer accounts with the goal of accessing banking information is on the rise. As part of our commitment to protect our customers’ personal information, we have robust security protocols in place that are designed to protect the privacy and security of our customers.

SIM swap fraud, or SIM jacking, is a type of fraud that occurs when fraudsters gain access to your Self Serve account, to replace your SIM card information with their own. After replacing your SIM card, all communications will be redirected to the fraudster’s device. They will then be able to intercept recovery SMS/calls, and gain access to your personal banking, ecommerce, email and social media accounts. 

 

How does SIM swap fraud happen? 

 

Fraudsters can obtain customer Self Serve account credentials through malware, phishing attempts or data breaches on websites where login credentials are the same as your Self Serve account. 

 

How do I know if I’ve been targeted by a SIM swap fraud?

 

You may have been a target of SIM swap fraud if you have suddenly lost service for no apparent reason. If this is the case, please follow the below steps to confirm your SIM card information has not changed. 

 

  1. Log in to your Self Serve account 
  2. Select “Change SIM card” from the main page

Jade_S_1-1626272013870.png

 

 

  1. Confirm that the last four digits of the SIM card in Self Serve match the one in your device. If the digits do not match, you may have been targeted by a SIM swap fraud.

 

What do I do if I’ve been targeted by SIM swap fraud?

If you have been targeted by SIM swap fraud, we recommend you take the following actions to secure your account:

  • Change your Self-Serve account password and security question immediately to lock the fraudster out of your account

 

  • Put your phone into Lost/Stolen mode to suspend the fraudster’s service, to do this follow the below steps: 
    • Log in to you Self-Serve account
    • Go to Plans and Add-Ons, then select “lost/stolen phone”
    • Select “suspend service”

 

 

Jade_S_2-1626272013568.png

 

 

  • We also recommend contacting your financial institutions to ensure your banking and credit card accounts have not been accessed, and checking your social media accounts for any suspicious activity. Make sure you change your passwords to these accounts immediately. 
  • You may also want to report the fraud to your local police and the Canadian Anti-Fraud Centre at 1-888-495-8501, as well as contact the two national credit bureaus to request a copy of your credit reports and place a fraud warning on your file (Equifax Canada Toll free:1-800-465-7166 and TransUnion Canada Toll free: 1-877-525-3823).

 

How to protect against SIM swap fraud? 

Given the increase the telecommunications industry has seen in fraudulent activity like SIM swaps and unauthorized porting, we recommend that Canadians take the following steps to protect themselves:

  1. Protect your information: limit the amount of personal information about you online; fraudsters can use this information to verify your identity when attempting to swap your SIM. Be careful to not click on phishing emails (and texts) that ask you to provide and/or validate private information. 
  2. Guard your phone number: don’t add your phone number to any online accounts where it is not necessary. The fewer accounts you have associated with your number, the lesser your risk.
  3. Use strong and unique passwords for each of your accounts: using the same password across multiple accounts is a hacker’s jackpot. When you use the same password across different accounts, remember that once they successfully hack one account, they’ve hacked them all.  We also recommend that you change your passwords, including your Self-Serve password regularly.
  4. Set up authentication methods that aren’t text based: often, online accounts will require you to set up two-factor-authentication (2FA) for added protection; with 2FA, you need to authenticate yourself with something in addition to your username and password, such as a code that is sent to your device by text. With SIM swap fraud on the rise, you may want to use something other than your phone number for 2FA like an authenticator app or security key.

 

While Public Mobile is actively working on ways to help keep our customers safe, please make sure to stay vigilant, and be aware of any suspicious activity. 

 

- The Public Mobile Team



 

43 REPLIES 43

@Pawprints1986 

 

2FA is currently for SIM number changes. I will certainly pass along your sentiments for porting to the broader team. 

 

Thank you, 

Jade 

homer
Model Citizen / Citoyen Modèle

Good job! Even with 2FA, people also need to refrain from giving your verification code to anyone suspicious. 

clarad001
Great Neighbour / Super Voisin

I am not able to swap my sim card, I recently lost my phone and I keep getting an error screen. its been all day

 

clarad001_0-1628205351254.png

 

 

 

@clarad001 

Do this....

 

  1. Clear your browser.
  2. Reboot your device.
  3. Open one tab only.
  4. Use secret/incognito mode.
  5. Firefox, chrome or safari work best.

All else fails the CSA's can still swap the SIM card for you.