SouthernWorldwide.com – Getting hacked once is scary enough. But experiencing another hack after changing carriers, replacing cards, and attempting to recover your accounts can make it feel like criminals are always one step ahead.
This is precisely what happened to Lela in Ohio, who reached out after a frightening series of account takeovers. “All my accounts have been hacked,” Lela stated. “I had my phone number transferred to another carrier, AT&T, and I’m experiencing it again. They have hacked my phone number again.” She reported that criminals accessed her checking accounts, credit cards, and even began charging new cards before she received them.
This led her to ask the crucial question: “Should I be just getting a new phone number instead of trying to recover the number I’ve had for 20 years?”
The answer is often “maybe,” but changing your number should rarely be the initial step. A new number can be beneficial in certain scenarios. However, if hackers still have control over your email, bank login, recovery settings, or wireless account, they may be able to regain access.
Your phone number might seem harmless. After all, it’s how friends, family, doctors, and businesses contact you. But today, that number is intricately linked to some of your most critical accounts. It can be tied to your bank accounts, credit cards, email accounts, Apple ID, Google account, medical portals, shopping accounts, and password reset functions.
This connection makes it highly valuable to criminals. If a scammer gains control of your number, they could potentially receive your calls and text messages. This includes vital security codes intended only for you. From there, they can reset passwords, infiltrate your email, access financial accounts, and continue to re-enter even after you believe the issue is resolved.
A SIM swap scam occurs when a criminal deceives your mobile carrier into transferring your phone number to a SIM card or eSIM they control. A port-out scam happens when they move your number to a different carrier.
Once this happens, your phone may suddenly lose service. Simultaneously, the scammer might start receiving your calls and texts. This can grant them access to verification codes for email, banking, credit cards, and other accounts.
In some instances, victims only realize what has occurred when money vanishes or accounts become locked.
While a new number might seem like a solution, it’s not always the immediate best course of action. If Lela relinquishes her long-standing number too quickly, she could lose access to accounts that still rely on that number for recovery. Even more concerning, if a criminal still controls the old number, they could continue to receive password reset codes for associated accounts.
Before changing the number, it’s essential to secure the current number and update the most critical accounts. A new number might be a sensible option if the number continues to be targeted despite carrier protections. It could also help if hackers repeatedly use it to reset accounts, if the carrier confirms unauthorized SIM swaps, or if too many accounts linked to that number have already been compromised.
A new number may also be worth considering if the old number is widely exposed on the dark web or data broker sites. However, retaining the current number might be safer for now if it’s needed for recovering essential accounts.
Lela should contact AT&T directly using the official number found on AT&T’s website or her billing statement. She should avoid using numbers provided in texts, emails, or voicemails.
She should request that AT&T investigate for any SIM swap attempts, port-out requests, unauthorized account changes, new devices, call forwarding, number transfer activity, and any unknown authorized users. She should then ask AT&T to implement stronger protections, including a robust account PIN, a port-out freeze or number transfer lock, a SIM lock if available, and additional account verification. It’s also crucial to remove any unknown authorized users, which significantly hinders criminals’ ability to transfer her number again.
Your email often serves as the master key to your digital life. If a hacker gains control of your email, they can reset passwords for banks, credit cards, shopping accounts, and social media. Before changing every password, Lela must ensure her primary email account is secure and free from compromise.
She should change her email password from a secure device, sign out of all active sessions, review recovery email addresses, verify recovery phone numbers, and remove any unknown forwarding rules. Additionally, she should examine connected apps and devices and enable stronger two-factor authentication (2FA). If her email remains compromised, a hacker can continuously undo any recovery efforts.
Text message codes offer a layer of protection compared to no security at all. However, they become risky when criminals target your phone number. For important accounts, it’s advisable to use an authenticator app, a security key, or passkeys where available.
This is particularly crucial for email, banking, credit cards, Apple ID, Google account, social media, password managers, tax accounts, and government accounts. Utilizing these methods makes your accounts significantly more resistant to breaches, even if a criminal gains control of your phone number.
If your phone, tablet, or computer is infected with malware, changing passwords from that compromised device could inadvertently provide the new passwords directly to the hacker. Before resetting passwords, ensure the device is clean and secure. Update the operating system, delete any unknown applications, and run robust antivirus protection.
Avoid clicking on links in suspicious texts or emails. Then, utilize a password manager to generate unique passwords for every important account. Never reuse old passwords after a hack.
Given that Lela reported criminals charging new cards before she received them, this situation should be treated as potential identity theft or account takeover. She should contact each bank and credit card company directly and speak with their fraud department. She needs to explain that her accounts, phone number, or identity may have been compromised.
Ask each bank to cancel any compromised cards, issue new card numbers, review recent activity, add verbal passwords or extra verification, and remove any unfamiliar devices from online banking access. She should also enable transaction alerts and inquire whether wire transfers, Zelle, or other payment tools require temporary limits. Finally, she must check if criminals have opened any new accounts in her name.
If criminals possess sufficient information to persistently attack your accounts, a credit freeze can prevent them from opening new credit lines in your name. Place a credit freeze with Equifax, Experian, and TransUnion. You can also opt for a fraud alert.
Subsequently, file an identity theft report at IdentityTheft.gov. This report can assist in formulating an official recovery plan and provide necessary documentation if banks, lenders, or credit bureaus require proof.
If scammers have obtained your phone number, email, address, date of birth, or other personal details, they may use this information to impersonate you.
A data removal service can help reduce the amount of personal information exposed on people-search sites and data broker sites. While data removal won’t resolve a hacked account on its own, it can decrease the information scammers use to target you again.
Even after securing your accounts, remain vigilant for signs that criminals are still attempting to use your number or accounts. These red flags should prompt immediate attention.
If your phone switches to SOS mode, loses service, or stops receiving calls and texts, contact your carrier immediately. This could indicate a SIM swap or port-out attempt.
Receiving random security codes can signal that someone is trying to access one of your accounts. Do not share the code with anyone. Go directly to the account’s website or app and change your password from a secure device.
Take any wireless account alert seriously. This includes notifications about a new SIM, eSIM, device, PIN change, or number transfer request.
Watch for small test charges, declined transactions, new payees, or changes to contact information. Criminals often test an account before initiating larger fraudulent activities.
Review recent login activity, connected devices, forwarding rules, and recovery options. If anything appears unfamiliar, remove it and change your password.
If the warning signs persist even after implementing security measures, then changing your number might be worth considering. A new number could be helpful if the current one remains a constant attack vector. However, before switching, Lela should first update her phone number on critical accounts.
This includes email, bank accounts, credit cards, Apple ID, Google account, Social Security account, IRS account, password manager, medical portals, insurance accounts, investment accounts, utilities, and shopping accounts. Subsequently, she should remove the old number from account recovery settings wherever possible.
A common oversight after a hack is changing passwords while neglecting recovery options. If the scammer managed to add their email, phone number, or device, they may still be able to regain access.
Thoroughly check every important account for recovery phone numbers, recovery email addresses, trusted devices, backup codes, linked apps, forwarding settings, authorized users, and payment methods. Remove anything that seems out of place.
A new phone number can offer assistance, but it is not an infallible solution. If hackers still have access to Lela’s email, bank logins, recovery settings, or personal information, they may continue to regain access even with a new number. The more prudent approach involves first securing the wireless account. Then, secure your email, cease using text codes, change passwords from a safe device, and protect your bank accounts. Following these steps, freeze your credit, file an identity theft report, and remove exposed personal information from the web. Only then should you determine if changing your number is necessary.
Your phone number may feel personal, especially if you’ve had it for two decades. However, once criminals exploit it as an entry point into your life, the ultimate goal is to sever every avenue they can use against you.
Have you ever experienced your phone number, email, or bank account being hacked? What was the initial indicator that something was amiss? Share your experiences by writing to us at CyberGuy.com.
