Port-out scams involve the malicious transfer of a phone number, away from its current telephone company to another.
By using social engineering and other methods, cybercriminals gain access to mobile phone numbers, subsequently taking over the digital assets of the person it belongs to.
Shocking as it may seem, many phone company representatives require very little details about a person’s account, in order to initiate a porting out of the phone number. Some of that information can be publicly available, or be part of a large scale security breach, such as that of Equifax.
Losing one’s phone number to a hacker puts domain portfolios to immediate danger. No longer protected by two factor authentication, these domain portfolios can be stolen and transferred out.
We are aware of several cases that the method of port-out scamming was utilized, in order to hijack valuable domain names, one of which was the theft of 988.com.
To combat such incidents of unlawful porting of phone numbers, cellphone companies such as T-Mobile, now add an extra layer of protection; a dedicated PIN number, once added to the account, will have to be provided in order to port out the phone number.
Read more about T-Mobile’s protection layer against port-out scams.
