As the world becomes increasingly connected, so does the risk of your personal information being stolen. Consequences can be devastating when a cybercriminal obtains enough information to empty your bank account or sell it on the underground market. The most likely type of data to be stolen is Personally identifiable information (PII). Data breaches aren’t the only way hackers get their hands on PII; paper documents contain enough information to get them started wreaking havoc on your life. While the information that appears on billing statements is out of your control, it’s essential to know what can happen if it gets into the wrong hands.
Basic Personal Information is a Goldmine for Hackers
As you dash out the door for work, you pick your mail up off the counter, toss it onto the passenger seat to go through on your lunch hour. In your haste to beat the time clock, you forget to lock your car. A passerby sees your pile of mail and helps themselves to it. When you discover it’s not where you left it, you convince yourself, “it was just my phone bill and some correspondence from my kid’s school. Nothing to worry about.” You couldn’t be more wrong. A hacker now has enough information to steal your identity; phone bills contain personally identifiable information:
- Your first and last name
- Billing address
- Phone numbers for everyone on your account
- Account number
- In some cases, the numbers of all calls made and received
What Hackers Can Do with Your PII
Hackers can do a lot of damage using your PII. They can access accounts, take over your phone number in a SIM card swap, and access sensitive PII like bank account numbers and passwords. All that’s needed is your mobile account number and phone number. Once they have this information, hackers can often obtain the personal pin you’ve set up to prevent unauthorized changes to your account by merely walking into a wireless provider’s store and using a bit of social engineering. Even though carriers go to great lengths to educate their staff on preventative measures, the human factor still comes into play. Furthermore, many of their processes are automated, making it easier for fraudsters to take advantage.
Now armed with your phone number, a hacker has access to your email, bank, and social media accounts. They can wreak havoc while you are sleeping. By the time you wake up and realize your accounts are empty, it’s too late. It will take months, if not years, to undo the damage.
How Your Carrier can Protect You
Not all fraud is preventable, but mobile carriers should take extra measures to deter and reduce it. Here are some of the precautions we take to keep your PII out of the hands of cybercriminals:
Bill anonymity: Print the minimal amount of information on billing statements.
Manually porting numbers: Two associates are required to complete the process of transferring numbers.
- Once initiated, your dedicated account manager will call you to confirm. Since account managers are familiar with you and your account, it’s difficult for the hacker to fool them.
- Your account manager sends a request to the support team, who then emails the person on file to confirm the request and carrier it’s going to.
- The confirmation is sent back to the account manager, who contacts you with a phone call and email confirming the information.
- A written response is generated. Only then is your number released.
Customer data is stored offline: Call detail records and most personal information is stored offline.