Cellphone carriers aren’t doing enough to protect customers says a B.C. woman who fell victim to a cellphone “porting” scam.
“I don’t want anyone to have to go through the hell that I went through,” said Sandy Pelley.
Back in January, Pelley says she received a text message from her phone carrier, Rogers, indicating her number was about to be ported.
Porting is when you switch phone service providers, but you want to keep your existing number.
However, when she called Rogers, Pelley says she was put on hold for 50 minutes.
As she waited for a Rogers representative, Pelley says her cellphone went dead.
“I didn’t know what that meant at the time, but that meant the bad guys took over my cell number,” said Pelley.
With the hijacking of Pelley’s personal information and cellphone number, fraudsters were able to transfer Pelley’s number to another phone carrier and unlock several of her personal accounts.
Because she had signed up for a security feature like two-factor authentication on some of those accounts, the four-digit security codes were now being sent via text message to Pelley’s cellphone number, which was now in the hands of criminals.
The fraudsters charged over US$4,500 to Pelley’s Paypal account, which the online payment company eventually refunded.
When she finally reached Rogers, Pelley says she was disappointed with the company’s response.
In a statement, Rogers told Consumer Matters it takes protecting customers’ personal information “very seriously.”
“As fraudsters evolve their tactics, we work with other carriers to continually strengthen processes to prevent unauthorized porting, including new protections put in place this past fall.”
The Canadian Radio-Television and Telecommunications (CRTC) requires service providers implement wireless number portability so consumers can easily switch telecom providers, and requires the port be completed within 2.5 business hours.
However, Chester Wisniewski, cybersecurity specialist at Sophos, said phone companies are not doing enough to protect consumers.
“It’s very easy to move our phone numbers in Canada, so the criminals are recognizing that and abusing it,” said Wisniewski.
“I think the phone companies need to be a lot more rigorous with verifying our identities and there’s some things consumer can do as well.
“Make sure you protect your account with some sort of PIN, choose a strong password to log into your mobile phone provider.”
Wisniewski also says your best defence is to have strong passwords on important accounts, because that’s usually where a cyberattack begins.
The Canadian Anti-Fraud Centre advises consumers to contact their provider and ask for a stop to any cellphone porting.
However, the CAFC says it can’t guarantee all telephone providers will offer this service, but says it is up to the consumer to contact them and ask.