Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | Snapchat Symbol Meaning

author photo

Beware Phone Porting Scam that Can Empty Your Bank Account

by on February 07, 2018
in Privacy, News, Phones and Mobile, Blog :: 36 comments

Techlicious editors independently review products. To help support our mission, we may earn affiliate commissions from links contained on this page.

Many T-Mobile customers recently received a text message that the company has “identified an industry-wide phone number port-out scam and encourage you to add account security.” The text then directs you to a page on the T-Mobile website to learn more. In case you’re wondering if this threat is real, it is. And you need to take action on it now, even if you’re an AT&T, Sprint or Verizon customer. Failure to do so could result in having your bank account cleaned out, as has happened to numerous consumers.

Here’s how the scam works. The fraudster either calls into your carrier or goes into a local store claiming to be you. With so much of our public information now in the public sphere, including our social security number, it’s not hard to do (thank you, Equifax and others). They then “port out” your phone number to a pre-paid phone on another carrier.

Now that they have control over your number, they can receive the two-factor authorization texts required to reset your email password. And from there, it becomes relatively easy, assuming they have other basic identifying information about you, to reset your banking information and gain access to your accounts.

To protect yourself from these scams, it’s critical that you set up a port-out validation PIN with your carrier that prevents anyone who doesn’t know this number from transferring your phone to another account. You may already have a PIN on your account, but the default PIN is sometimes the last four digits of your SSN (as I recently discovered it was for my T-Mobile account), which makes it incredibly insecure, so you should change it to something that can’t be easily guessed.

To set up your port validation PIN on T-Mobile, you need to call 611 from your T-Mobile phone or dial 1-800-937-8997 (you can’t do this online). You can learn more about the PIN creation policies and processes for each of the carriers on their websites: AT&T, Sprint, T-MobileVerizon). 

Even if you have a strong PIN, there are phishing attacks specifically targeted to uncovering it. For example, I received a pre-recorded call earlier this week with the message:

“Dear AT&T Customer, we value your security and invite you to validate your wireless account passcode. Please press 1 to verify now.”

Had I “validated” my AT&T passcode (which I don't have, anyhow, because I'm a T-Mobile customer), the scammers would now have exactly what they needed to transfer my account. Always protect your passcode and never give it to anyone or type it anywhere unless you go directly to your carrier's site login page (NOT by following a link in an email you received) or initiate the call to your carrier.

In addition, carriers use your email and/or security questions to remind you of forgotten user IDs and passwords. So always use strong, unique passwords for both your email and mobile accounts, and make sure your security questions can’t be guessed using publicly available information (even if that means lying).

[Image credit: scam alert via BigStockPhoto]

Discussion loading

Port Out Scam

From Dee on February 07, 2018 :: 4:44 pm

My husband is a new wireless phone user, bought mainly for emergencies.  He was the victim of a port out scheme very recently.  Luckily it was just a matter of his carrier being changed with out his knowledge. He also lost his minutes, which has since been resolved along with port out.  This happened without any contact by his carrier originally listed with the phone.  Had it not been for the fact that he could not make any outgoing calls who knows what would have happened.  It took many hours in a live chat and on the phone with the original carrier to get his phone number and minutes back.  I can see, first hand how this could have been much more serious. People really need to go with the PIN ID you mentioned.


And how exactly would the

From German Lopez on February 07, 2018 :: 4:53 pm

And how exactly would the clean out my bank account?


The article went into the

From Dee on February 07, 2018 :: 5:22 pm

The article went into the capturing of information that could lead to your bank accounts. Why take the chance when it is easy enough to increase security on your account.  After our experience yesterday, I see how that could happen with no
per mission given. We now have notes in our account that nothing is to be changed without notifying us first.  Y


Because it enables you to reset passwords

From Josh Kirschner on February 08, 2018 :: 12:04 pm

Controlling the phone gives you access to the text messages email programs and banks use to reset forgotten passwords. So if I have your phone account/number I can request your Gmail email address, then reset your password using SMS verification. Then I can go to your bank (I would try the main ones first) and ask for a password reset. They would either then send me an email with reset instructions (an email account I now control) or send me a reset code via a text message to the registered phone (a phone I now control).


I want to thank you

From Dee on February 08, 2018 :: 7:03 pm

I want to thank you for the information Josh.  I am passing it along to friends and family.


Hacked? No not I.....had to be someone else

From Jen on March 03, 2018 :: 2:44 am

I have been following your articles & posts reading as much as I can regarding odd activity on accounts and what not.  I am not one to publicly air my problems but i am honestly at wits end. I realize this is rather vague but could you please contact me?


Can you provide more details about your issue?

From Josh Kirschner on March 05, 2018 :: 4:39 pm

Hi Jen,

We can’t help you offline as we’re not a tech support business, but will try and provide advice to questions posed in these comments. Please post a separate comment about the issues you are having. You may also want to read our article on How to Tell if Your Phone Has Been Hacked to see if that is helpful.


SIM port out.

From JP on January 18, 2020 :: 4:40 pm

They have access to you phone number, then request to reset your passwords to first your emails which sends SMS to the phone number to confirm it is you,same goes on for all you profiles till they breach your bank online profile the same way.



From Vicki on February 08, 2018 :: 5:47 pm

I appreciate these timely warnings from your site popping up on my screen. I posted your article on my Facebook page and will follow the advice you’ve provided. Thank you very much!


Thank you

From Josh Kirschner on February 09, 2018 :: 1:58 am

Thanks for making others aware so they can protect themselves.



From robert on February 08, 2018 :: 5:57 pm



now what if..

From Janet Curtis on February 08, 2018 :: 6:22 pm

i have metro pcs phone..can the get all info from that? because I was scammed and changed my bank acct. and debit card..BUT I dont know what else they got at all. it appears they played as capitol one bank which i do have 2 cards with. so i did change bank and debit card..but even my bank doesnt know my cc numbers? i dont know what porting is but i have a niece who is a felon and now with my elder mother tapping her phone thru this and maybe MY cell. I dont think im sure exactly what to do. ? i have a gmail email and an aol email i know they have my aol mail. how does this happen. ? im calling the bank now. some one ple reexplain this complicated scam and hopefully ill get an email telling me more of what to do. since this is a push notification i normally would have missed it. as i usually remove them as all scams and they cover everything on my pages. someone pls reply and tell me how to do what needs done. the theif in moms home has info and the hackers from last month also have it!!!!!! SOS ty


Not hacking, but transferring

From Josh Kirschner on February 09, 2018 :: 2:07 am

Hi Janet,

There are a number of ways people can defraud you, so difficult to say what occured with your past issues. What’s happening here is not hacking (or “tapping”) your phone, it’s transferring your phone account to another carrier and out of your control. Then using text messaging on your transferred account to get access to your email/bank/other accounts.

However, if you are concerned about someone close to you who may be putting spyware on your phone, you should read our story on How to Tell if Your Phone Has Been Hacked. And be sure to change your password on all your account to strong, unique passwords that no one else will be able to guess.


Happened to me

From Jason on February 10, 2018 :: 12:28 am

This happened to me recently - it sucks. All the sudden my phone had no signal and by the time I cleared it up with T-Mobile, they thief had already transferred 5K out of my bank accounts. BTW, I had a pin setup so this isn’t foolproof because the agents are easily manipulated by the fraudsters.


Happening to me too

From Buh on February 10, 2018 :: 2:40 pm

This sucks. I have no way of even calling my provider as whoever is doing this can reroute calls or simply disconnect the call. Metro pcs is no help. Police are no help. What do I do????? This has happened to me before. Repeatedly.


Did T-Mobile provide info on how they did it?

From Josh Kirschner on February 12, 2018 :: 4:03 pm

Did T-Mobile provide you any details on how they were able to port your phone without knowing your PIN (I’m assuming your PIN wasn’t something easy to guess)?



From Buh on February 10, 2018 :: 2:47 pm

I have a MetroPCS phone and this is happening to me right now. It’s actually happened the last several phones I’ve had, all different providers. I can’t even call 611, the IRS or anyone without getting cut off or redirected. Help!



From ELI on February 27, 2018 :: 9:19 pm

JUST HAPPENED TO ME TOO.UUUGGG!!Iguess I have to check my account now..


? Hope this works

From Dee on February 10, 2018 :: 2:52 pm

When I finally got my husbands phone account straightened out, I insisted that they add notes to the account stating no porting, unless he is called.  inoperable!!! Not sure this will work, because it had to be someone on the inside, how else would they get his PIN #. He did not lose any money, but they took all of his remaining minutes and left his phone inoperable!!!  Took several hours to get this fixed. Thank God it didn’t involve stealing money from his bank account,like some of you have had to go through!!!



From Victoria on February 10, 2018 :: 8:54 pm

I contacted Verizon. First I changed my PIN, because, just as the article described, it was defaulted to the last 4 digits of my SSN. Second, I asked Verizon to put notes on my account that 1)any port request was required to occur in person at a Verizon Wireless retail location and 2)a valid ID must be presented prior to port approval. I would encourage others to do the same. Thanks for this very helpful article!


your comment confused me.

From Micki on February 10, 2018 :: 11:15 pm

If you are with Verizon I am very surprised that your PIN was your SS#.  Early LAST YEAR Verizon made all their users change their PIN numbers if they were using their last 4 digits. I should know as I WAS using my last 4 and they locked me out of my account until I changed it.  So I did -  to something really stupid because at that time I didn’t know someone could “port” my phone. Guess I have to call them and change it.  Sigh.


Verizon PIN

From Victoria on February 11, 2018 :: 4:26 am

I have been a Verizon customer forever and didn’t get the email you reference. Just another reason I am grateful for this article. Of note, Verizon PINs can be changed via My Verizon also.


Glad it was helpful and kudos to Verizon

From Josh Kirschner on February 12, 2018 :: 3:48 pm

It was smart strategy from Verizon to prevent using your SSN as your PIN, other carriers should implement the same policy.

Account Drained in 5 minutes!

From Frieda Franchina on February 13, 2018 :: 2:55 pm

I do not have a landline, only a TMobile phone. I got a text message: Thanks for Choosing Metro PCS! Amount due will be $58.00.
Then my phone went dead. I could not call, text, or use the internet. I drove over to the TMobile store, where they spent 90 minutes with TMobile CS and Metro PCS, who is their sister company. They dialed my cell number: “The number you have called is no longer in service.”
They gave me a temp phone number and when I got home, I checked my email on my computer. My Wells Fargo bank sent me a message that I had sent money to Marvin Jesus using Zelle. Zelle is like PayPal or Venmo, but…instead of waiting 3 days for the transaction to be complete, it ONLY TAKES LESS THAN 5 MINUTES!
I drove to my bank, and they said they had tried to call me, but guess what? My phone was not working, so WHY did they allow the Zelle to go through?
My son contacted me via FB and asked why his phone wasn’t working, and got the same message from his WF bank. His account was drained of all but $1.
*We now have Port Protection and a 6 Digit PIN on our TMobile account.
*Fraud alerts on all the credit reporting agencies.
*Changed all our User Names & Passwords on email, banks, and social media accounts.
*Filed a police report.
*Got my original Phone number back
*Just got a letter last week from my bank saying they put the money back into my account as a “provisional credit” until the case is closed.

It was the perfect storm between TMobile/Zelle/Wells Fargo. Don’t let this happen to you.


Meet too.

From Michelle on March 24, 2018 :: 3:39 pm

This exact thing happened to me. I want to know more about the zelle and Wells Fargo’s connection with them and responsibilities. Wells Fargo told me that they would not fill my bank account with the provisional money lost until 10 days or more during which time they would do an investigation.
After reading your post I am walking straight into the local branch and complaining yet again that this was their fault to use zelle and allow money to transfer without contacting me ahead of time.


What about Virgin Mobile?

From God bless you on February 17, 2018 :: 10:45 pm

Thank you for alerting us to this scam! I sent your article to some friends who were grateful and will pass it on smile I’m just wondering if Virgin has a site to change or create a port-out pin? Please let me know. I’ve looked on their site but found zero info on this.


Use your Virgin account PIN

From Josh Kirschner on February 28, 2018 :: 3:28 pm

The PIN you use to port a phone from Virgin is the same 6-digit account PIN you use to login to your account online. If you’re not sure what your account PIN is, it may be worth checking with Virgin to ensure it isn’t something easily guessed. You can do that online with the “Forgot PIN” option when you try to login to My Account or, if you don’t remember your security questions, you can call 1(888)322-1122 to request a supervisor so they can take you through Virgin’s “Alternate Authentication” process. No indication on the site what that alternative process is. Hopefully, it’s not something easily socially engineered by hackers.


Tmobile/Zelle/Wells Fargo

From Kyle Hammond on April 03, 2018 :: 11:45 pm

Same exact thing as Frieda and Michelle. $2500 gone from my account in 11 minutes total from my number being ported out. TWO minutes after my wells fargo password was changed?! The only reason I even knew was the email from well fargo telling me about my password change and money transfer. No alert or “hey, are you actually doing this?” On day 2 of their estimated 10 days to investigate, with no promise of my money being returned.



From Anon1 on July 08, 2018 :: 2:50 pm

Did u ever get ur $$ back??


Verizon PIN Secure?

From DirkC on July 29, 2019 :: 9:40 am

Verizon’s 4-digit PIN authenticates a user to speak with customer service. Does that negate the value of a strong password? Will VZW do a port-out with a 4-digit PIN?


It's probably not as bad as it sounds

From Josh Kirschner on July 29, 2019 :: 10:36 am

I’m assuming Verizon requires a 4-digit PIN only when you’re calling in from your own phone number - you shouldn’t be able to access your account calling in from some random number with only the PIN. It also depends on what security Verizon has in place to prevent PIN guessing. Does it lock the account after 5 or 10 unsuccessful PIN attempts?

Assuming these two pieces of security are in place, the PIN is an extra layer of protection that wouldn’t negate having strong passwords.


Vzw is good

From Anon1 on August 03, 2019 :: 7:47 am

The pin is just for the act owners convenience. When talking to support at Verizon,  they use geolocatoon and up address to verify you.  Even then they usually make u call them on their phone,  they have voice recognition.  Verizon is imo the best in defense as far as hacked accounts go.  None of it matters anyway,  cuz the port out scam is almost always perpetrated by employees of the phone company who are"bought out”  for a few tho per account.


*few thousand per account

From Anon1 on August 03, 2019 :: 7:52 am

*few thousand per account


Verizon pin

From Sandy on March 08, 2022 :: 8:20 am

Are you really telling me that UT us verizon employees. If so that would answer alot of questions.  I know something was hitting my phone. Called Verizon several times I think they thought I was just paranoid cause they say no no your account us fine. But u couldn’t call anybody til they did their re up on my network name . So they gave all my unfo…info…. and I’ve been conversing with the ebemy????!!enemy????!!! Now what shut everything down but that would not matter would it since they may have all my info. Help


More on VZW

From DirkC on August 03, 2019 :: 8:36 am

ANON1, If I’m a VZW customer, I have to worry about the OTHER carrier validating my credentials, not VZW, right?

I figured out that the reason to secure my VZW account login is so the thief can’t login and change my PIN.

It appears that the industry is working on this problem. In the meantime I can make sure my PIN isn’t “1234” or the last 4 digits of my social, I can implement 2FA and a long password. But since this system relies on the honesty of carrier employees, I don’t see a foolproof solution.

That’s bad news because our phones are used in many ways as keys to our sensitive online accounts.


phonenumber porting

From Linda Langlois on January 04, 2020 :: 5:39 pm

this happen to me and its a nightmare all my emails banking amazon account the theif then went shopping and it was on my bank card ....


Love getting helpful tech tips? Subscribe to our free newsletter!

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.