Fraud alert: you might want to know what a 'port-out' phone scam is

Phone scam

If you've never heard of a mobile phone 'port-out' scam, it's probably because it hasn't been talked about much. But if you become the victim of one, it could wind up costing you lots of money — not to mention your privacy.

A 'port-out' scam, or SIM hijacking, is where a fraud artist uses your stolen cellphone account information to transfer — or 'port' — your number and account to another carrier and, ultimately, seize control of your phone.

Once the fraudsters do that, they can either shut the phone down, or use it to engage in additional criminal activity. And since our cellphones are often the keys to unlock pretty much everything else about our lives, there's plenty that a criminal can do with that information.

CJAD 800's tech expert Carmi Levy says a lot of that stolen information can come from your own social media accounts.

"For example, if you are on Facebook, and you share information about your favorite childhood pet, the street you grew up on, your mother's maiden name — all of these security challenge questions, and then you use those very answers in your security setup on your phone number...they then have enough information to then call up your carrier, and pretend to be you, and move your phone over without your knowing," he says.

Levy suggests the public is largely unaware of the scam, in part, because people are often embarrassed to admit they were victimized in this way.

"That's the problem with most cybersecurity attacks," Levy says. "People are afraid to admit they fell victim, so they say nothing, which of course allows the criminals to operate in secrecy, and it makes a bad situation even worse."

'It can happen to anybody'

But Levy says this kind of thing can happen to anyone, in part, because many of us don't use kind of security features we should — two-factor authentication, for example, which many people don't use for the sake of convenience.

"The biggest mistake we can make when it comes to cybersecurity is assuming that we are completely invulnerable, that it can never happen to me," Levy says. "The sad reality is, it can happen to anybody, even the best prepared among us."

There are, however, several things people can do to reduce the risk of becoming a victim.

"A lot of it starts with our online behaviors. We overshare so much, and we don't realize that we're oversharing, and we're making life very easy for hackers to just pick up that information," Levy says. "If we simply didn't share so much online, they would find someone else to victimize."

Aside from using security features like two-factor or multi-factor authentication to sign into your phones, Levy says you would do well to lock down your social media accounts as well.

"Facebook is probably the worst of them all," he says. "Make sure that you're not leaving your security questions, or challenge questions, just sitting in public. In many cases, people fill out surveys or memes, and that information is available for anyone to pick up. So scrub your social media accounts of any personally identifiable information that could be used against you, and make sure that the security information that you do use for these questions is unique for each account, and that nobody could guess it."

While 'port-out' scams are becoming an increasing problem in the industry, there isn't much the big telecommunications companies can do about it. Levy points out that ultimately, the users, and not the companies, are responsible for securing their own accounts.