Cell phone, hacker, red, handheld device

If you haven’t changed your cell carrier account PIN in a while, particularly if you have T-Mobile, now is the time to do so. That PIN is oftentimes the only proof of identity required to change your cell phone service from one physical mobile device to another.

If it's been a little while, go change your cell carrier account PIN now, before finishing this article. Stop using digits from your birthday, cell phone number, address, SSN, etc. and change it to something complex, unrelated to your life, and as long as possible. Too often, these PINs are extremely easy to guess.

What happens when a scammer guesses it? As an IT support company, we find it our responsibility to break it down for you, step by step.

Step 1: After getting in via the PIN, scammers can take over your phone, making your actual phone obsolete.

Step 2: Now that they have your phone, they can access any of your online services that have SMS 2FA enabled. (Not to mention anything automatically viewable on the phone, such as emails, notes, text messages, photos, etc.)

Step 3: If you're not automatically logged into your email on your phone already, they can simply claim to have forgotten your email password, which will lead to your reset code texted to your number. Then, they’ll have email access.

Step 4: They’ll change your email password, locking you out.

Step 5: With email access to hack into accounts you use on a day to day basis, they can select “Forgot Password” to every other online service, change the password via the emailed link, and lock you out.

  • Going off of this, here’s a couple things to consider:
    • If you utilize a password manager and have SMS account recovery/2FA enabled (We don’t suggest using SMS for any security measure if you can help it.), they can gain entrance to all your logins in one clean swoop.
    • If you enable your browser to store all your logins (which we highly discourage), they can easily login on the same make and model browser and sync your settings, history and passwords, allowing them to scroll thru, access and edit a wide range of accounts. This could very easily include logins for work...

It’s time to start thinking critically about the amount of information your phone carries about you. Think of all the cloud based information about you, right behind an easily hack-able login...Thankfully, United States-based cell carriers have realized this in recent years and are putting enhanced security in place. To learn how to enable those settings, click here. This article has instructions for Verizon, Sprint, AT&T and T-Mobile.

As mentioned before, if you have T-Mobile, it is of UTMOST importance that you change your pin. When they encountered a data breach in mid-August, account PINS were one of the many nuggets of information the hacker got about T-Mobile users. To learn more about that breach, go here. If you'd like IT support services to help navigate that mess, contact us here.

headshot, owner, president, author, partners plus, IT company, IT services, SSD, recommendationBill Hogan is the Owner and President of Partners Plus. He has 40 years of experience in the technology services industry, specifically small business IT support. Bill has spoken at seminars all over the country about network management and published his latest book in 2018. Partners Plus was selected by PHL17 as the best Computer and Information Technology Support Company in the greater Philadelphia area in 2018.