cancel
Showing results for 
Search instead for 
Did you mean: 

Measures to protect from SIM porting (SIM jacking) and identity theft

maxvt
Good Citizen / Bon Citoyen

Hi PM community,

 

In recent months, there have been articles in Canadian media about fraud caused by people porting a phone number that does not belong to them, and taking over other accounts (PayPal, financial, etc.) over SMS. This issue has been growing in the US over the past few years and is finally recognized and getting attention in Canada.

 

What measures do we have available in Self-Serve or via customer support to prevent this? Can I require a password to port my number? Can I require a mandatory "cool down" time so that a porting will not happen within less than a week, for example?

 

I'm happy with PM service and have no plans to leave. It is in my interest making porting out as hard as possible to prevent SIM jacking.

 

Thanks!

 

11 REPLIES 11

Ardene18
Good Citizen / Bon Citoyen

Yes I agree when you port your number to PM you need at least one of the three only. But porting from PM to Fido they asked me for my pin number  aside from my account number before they finalized the porting. 

Ed404
Town Hero / Héro de la Ville

Public Mobile should add 2 factor authentication so we can secure our accounts better.

mimmo
Retired Oracle / Oracle Retraité

@Ardene18  pin number, IMEI , or account number you only need one of them to port. 

 

 

Ardene18
Good Citizen / Bon Citoyen

I remember a month ago when I ported back my other PM number to Fido they ask for my PM pin number before they can finalize the transfer. So make sure your pin number is safe. 

mimmo
Retired Oracle / Oracle Retraité

@maxvt you can even just misspell you name or add a - or something else.

 

If you used Gmail as your self serve login change it to an alias ie name+123@gmail.com or na.me@gmail.com then it will be harder for someone to login as they don't know your email even if some other account is hacked 

geopublic
Mayor / Maire

@maxvt wrote:

Hi PM community,

 

In recent months, there have been articles in Canadian media about fraud caused by people porting a phone number that does not belong to them, and taking over other accounts (PayPal, financial, etc.) over SMS. This issue has been growing in the US over the past few years and is finally recognized and getting attention in Canada.

 

What measures do we have available in Self-Serve or via customer support to prevent this?

 

@maxvt  Unfortunately none. Smiley Sad

 

Can I require a password to port my number? Can I require a mandatory "cool down" time so that a porting will not happen within less than a week, for example?

 

No, I have asked for this option and nothing has been done. My guess is that the only way a tier 3 provider will implement it is if they are mandated by legislation so maybe let you MP know. Smiley Happy

 

I'm happy with PM service and have no plans to leave. It is in my interest making porting out as hard as possible to prevent SIM jacking.

 

@maxvt  Might be worthwhile to do a search here on SIMjacking because other members have posted good info on how to protect yourself by better protecting your email account, using authenticator apps instead of texts for 2FA etc.

 

Thanks!

 


 


@maxvt wrote:

Is there any official confirmation (FAQ or a mod post) that says I could use any value for my name and it doesn't have to be my real name for billing or verification purposes?

 

Thanks!


You won't find anything like that because Public Mobile cannot counsel customers to put fake information into their account.  Trust me, it is possible.  The beauty of prepaid is that customer information is not scrutinized like postpaid. 

maxvt
Good Citizen / Bon Citoyen

Is there any official confirmation (FAQ or a mod post) that says I could use any value for my name and it doesn't have to be my real name for billing or verification purposes?

 

Thanks!

will13am
Oracle
Oracle

Number porting requires the number to be ported and one of account number, IMEI, account pin.  The best thing to do is to not have paper bills kicking around.  All the information needed to port a number is right there.  Shred papers with this information before throwing them in the recycle bin.  To protect online accounts from hacking, use a strong password.  Strong password is a long password (14 characters or longer) with at least one number, one letter,  one special character.

Dunkman
Oracle
Oracle

@maxvt 

There is no formal additional protection measures with PM.  

 

Somebody will need your account number, account holder name and phone number to port over any number for most companies.  Protect your password and maybe change your password intermittently. to your self service account.  Some people have suggested changing the name associated with your account.  There is no ID check for PM accounts, so you could choose any name you want.  But, the name needs to be correct for porting.  

popping
Retired Oracle / Oracle Retraité

@maxvt wrote:

Hi PM community,

 

In recent months, there have been articles in Canadian media about fraud caused by people porting a phone number that does not belong to them, and taking over other accounts (PayPal, financial, etc.) over SMS. This issue has been growing in the US over the past few years and is finally recognized and getting attention in Canada.

 

What measures do we have available in Self-Serve or via customer support to prevent this? Can I require a password to port my number? Can I require a mandatory "cool down" time so that a porting will not happen within less than a week, for example?

 

I'm happy with PM service and have no plans to leave. It is in my interest making porting out as hard as possible to prevent SIM jacking.

 

Thanks!

 


First defend is to keep your self-serve account safe.  Don't logon your account while you are on public free WiFi.  

People need your account number and you name on your PM account to port out your number.  People can only get your account number from your account.  Instead of using your real name on your account, you can use anything that people cannot easily guessed.  But your password is compromised, your user name will be exposed too.

Need Help? Let's chat.