tl;dr - Enable port blocking & call control, set a security PIN for your phone account, and don’t give out your number to random companies.

Your phone number is the gateway to your entire digital life. By taking over your number, an adversary can get into your email, photos, bank account, etc. and cause all sorts of havoc. Doing this is as simple as calling your cell provider and pretending to be you, or by just bribing them.

Despite several high profile hacks, companies refuse to add proper safeguards to prevent this from happening. An elderly couple I know recently lost their entire life savings without any recourse.

The good news is that by spending just 10 mins, you can safeguard yourself against most hacks, save yourself from hours of pain, and increase your peace of mind.

Here’s what you need to do:

Enable Transfer Block

A common way to steal someone’s phone number is to call their carrier pretending to be them and ask them to transfer or port it to another carrier. Most customer representatives are under-paid/over-stressed and don’t check if it is really you before processing the request.

Transfer Block or Port Protection is a feature that helps prevent your number and account from being transferred or “ported out” accidentally or by an unauthorized user to another carrier. It prevents a customer service rep from transfering your number until you explicitly disable it on your account.

It is usually free of charge and can be enabled through your carrier’s website. You can always disable it if you want to port your number to a different carrier.

Set a Security PIN

Whenever you call Customer Support, the representative on the other side verifies that it is actually you by asking you some personal information like full name, date of birth, address, etc. It is trivially easy for an attacker to get this information. There is even a whole industry of data brokers that collect and sell this information to anyone interested.

A better way to authenticate yourself is by setting a security PIN or phrase for your account. You can do either through your carrier’s website or by making a quick call to customer support. A random security phrase generated using a password manager is ideal, but if your carrier only supports PINs, set one with the most number of digits allowed.

Even if a hacker has all your personal information, they won’t be able to access your account without the security PIN or phrase.

Enable Call Control

Thousands of people are getting hacked every year through robo calls. These are done by making a computer call random phone numbers over and over again until someone answers. When that happens, the call is transferred to an attacker who uses social engineering to dupe you out of every single penny you have.

Call Control is a feature that stops these calls from reaching you and can be enabled online. When your carrier detects a phone call from a number that you have never called or received a call from, it answers it on your behalf and plays a short message asking the caller to enter a short numeric code before the call can go through.

This stops almost all robo calls in their tracks. If a real human is trying to call you, they just have to do it once and their subsequent calls will go through directly.

Hackers specifically target seniors since they are more vulnerable to social engineering, so if you don’t do anything else, enable this feature for your parents/grand parents.

Don’t share your number unless absolutely necessary

The less information you share, the less the chances of it getting into the wrong hands. Next time a cashier asks your for your phone number during checkout, just say no. Do not sign up for random lotteries in parking lots. If you are trying to sell something on Facebook Marketplace/Kijiji, don’t give out your phone number to randos and use a temporary new phone number from a service like Hushed instead. If you are a high/ultra-high net worth individual, get a second number and use it only for your banks/financial institutions.

Doing these simple things will drastically reduce the possibility of getting hacked, save yourself from hours of pain, and increase your peace of mind… but just one more thing. If you found this useful, can you do me a favour and forward it to a friend? Thanks.

-Mustafa