10-26-2020 10:27 AM - edited 01-05-2022 03:54 PM
Given all the reports in the news these days about SIM swapping, does Public Mobile offer a way to lock an account to prevent a number being ported to another provider?
Seems to me that wouldn’t be too hard to make it an option on the self serve section to turn it on and off. It wouldn’t protect against everything, but it would help.
10-27-2020 08:30 PM
@Lonetreejim wrote:I’m more concerned about somebody porting my number than hacking my account.
To hack a bad guy would need my email and password. To port they need my name, provider and account number.
Either route you’re screwed.
Unfortuanately, if someone gains unauthorized access to your account, that person will have access to all of that necesarry information to port the number out.
10-27-2020 05:20 PM
I’m more concerned about somebody porting my number than hacking my account.
To hack a bad guy would need my email and password. To port they need my name, provider and account number.
Either route you’re screwed.
10-26-2020 03:11 PM
@gpixel wrote:the best thing you can do is to not link your cellphone to any financial institutions. and don't use your personal email for your cellphone provider. change your passwords if you were a Telus/Koodo/public customer before the Feb 2020 security breach.
@gpixel and @everyoneelse, I second this. Never ever use your phone number as a 2FA method to receive texts or to receive texts as a password reset method. Password managers are great. Use a strong password or let the manager generate one for you. Mine are all well in excess of a mix of 12 numbers, small letters, capitals, special characters. Don't make it easy by using the same easy password that you use here everywhere else.
10-26-2020 03:03 PM
there was an article on CRTC siding with the telecoms on not revealing details/info on sim swapping/jacking etc. we're on our own...
the best thing you can do is to not link your cellphone to any financial institutions. and don't use your personal email for your cellphone provider. change your passwords if you were a Telus/Koodo/public customer before the Feb 2020 security breach.
10-26-2020 12:25 PM - edited 10-26-2020 12:26 PM
Seems to me all providers are aiding and abetting fraud by allowing this to be so easy. There should be a confirmation reply required both for changing the SIM and porting out.
The notification that a port has been requested is useless. And it just goes ahead anyway.
Then add that if the SIM was changed first then no one knows anything has happened until their phone isn't working.
Then add that maybe ones account was compromised by a data breach.
It's terrible.
10-26-2020 12:18 PM
The real problem is when somebody makes it into your account, and it looks like that happens a lot. Then it's just matter of toggling it off and typing the new sim number, it would take only 7 secs more.
It would be nice if port wasn't that easy, that in order to port you would need to notify one way or the other that you will be porting out. At this point we are given as little as couple of minutes to prevent the fraudulent port. People have reported receiving the sms and phone going dead the best minute with the account already purged, and shine even waking up to that sms sent while they were sleeping.
10-26-2020 11:14 AM
@Lonetreejim wrote:Given all the reports in the news these days about SIM swapping, does Public Mobile offer a way to lock an account to prevent a number being ported to another provider?
Seems to me that wouldn’t be too hard to make it an option on the self serve section to turn it on and off. It wouldn’t protect against everything, but it would help.
@Lonetreejim Unfortunately Public does not provide an option to lock your sim. This has be discussed and requested many times in the past and nothing has been done. That is why you need to remain vigilant and practice safe online hygiene.
10-26-2020 10:38 AM
No there is not.
Pm and the other carriers are )were actively working in Port protection they tried a couple times but removed the feature beacuse of various issues.
Best thing is use an alias email address for self serve and change your name in self serve slightly.
Account name is essential for porting out so if You change it is much harder to sim swap