Cybersecurity 
Securing privileged accounts with FIDO2 security keys is the best way to protect them from internal and external threats because they offer enhanced security and convenience
5 min read
Published on October 02, 2024
If a scammer has your phone number, you should lock your SIM card, secure your online accounts with strong passwords and block spam calls from your phone. With your phone number, scammers can do several things, including target you with phishing attacks, spam calls, spoofing attacks and SIM swapping. These kinds of cyber attacks can lead to your personal information being compromised and even your identity being stolen.
Continue reading to learn how a scammer got your phone number and what to do if a scammer has your phone number.
How scammers get your phone number
A scammer may have gotten your phone number from these sources:
- People finder sites that collect and publish your personal information based on public records
- Social media profiles, which is why you should avoid oversharing on social media and keep your profiles private
- The dark web, where your compromised information from a data breach or hacking can be used by cybercriminals
- Phishing emails, which trick you into sharing your phone number by impersonating legitimate people or businesses
6 steps to take if a scammer has your phone number
When you realize a scammer has your phone number, you may feel nervous or frustrated, but there are a few steps you should take immediately to protect your identity and privacy.
1. Lock your SIM card
SIM swapping happens when a scammer tricks your mobile carrier into thinking your phone is tied to a different SIM card. A scammer can do this by impersonating you. Once the scammer successfully swaps your SIM card, they will start receiving all your phone calls and text messages on their device. Locking your SIM card is crucial in protecting your privacy and identity, especially when you realize a scammer has your phone number and could be impersonating you to commit fraud. It is essential that you lock your SIM card to avoid a scammer receiving private phone calls or text messages with authentication codes, which could grant them access to your private information and online accounts.
On your iPhone, you can lock your SIM card by going to Settings, then Cellular. Scroll down until you see SIM PIN, then click on it. When you toggle it on, you will be asked to enter your SIM PIN, and if you have never used one before, enter your mobile carrier’s default SIM PIN, which is typically 1111. However, if you are unsure what the SIM PIN is, check with your mobile carrier before guessing – three incorrect guesses will result in losing access to your phone. Once you’ve entered the SIM PIN and updated it to a new one, tap Done, and your SIM card will be locked. The process is similar for Android users. Go to Settings, then scroll down to Security & Privacy. Click More security settings near the bottom of your screen, and tap SIM card lock. Toggle this on, enter the default PIN and tap Change SIM PIN to update your PIN.
2. Secure your online accounts with strong passwords and MFA
It’s important for each of your online accounts to have a random and strong password to prevent a scammer from using the same password to access all your accounts. You should make sure each of your passwords consists of at least 16 characters and a combination of uppercase and lowercase letters, numbers and symbols. Creating a strong and unique password is made easier with a password generator, which is a tool that produces random and secure passwords. Password generators create passwords that are challenging for scammers to crack due to their uniqueness, length and complexity.
In addition to using strong passwords on all your accounts, you should enable Multi-Factor Authentication (MFA), which provides extra security by requiring at least one more way to verify your identity. Enabling MFA will prevent anyone from accessing your online accounts, even if they know your username or password. Some types of MFA include a PIN, a code from an authenticator app, an answer to a security question, your fingerprint or even your geographic location. Without your MFA, a scammer will be unable to log in to your online accounts and potentially steal your identity. However, if a scammer has your phone number, they may try to compromise any online accounts that are linked to your phone number, so it’s important not to use SMS as a type of MFA. Remember that if a scammer SIM swaps, they will receive your authentication codes through text messages, which could allow them to access your online accounts. Instead of using SMS as your primary type of MFA, use a stronger form of MFA such as biometrics, which could be facial recognition or your fingerprint, since a scammer cannot replicate those.
3. Block spam calls from your phone
When you block spam calls from reaching your phone, you protect yourself from falling victim to scammers. Although not every spam call leads to a scam, every scam call is unwanted and has bad intentions, aiming to trick you into revealing private information or sending money to an imposter. Unfortunately, there is no way to block all spam calls from your phone, but you can block most of them in these ways:
- Call your mobile carrier to see what kinds of call-blocking services they offer
- Download a credible spam-filtering app, which will stop spam calls from reaching your incoming calls
- Sign up for the National Do Not Call Registry to reduce the number of spam calls you receive from telemarketers
4. Ignore one-ring phone calls
Have you ever received a call from an unknown number, but it only rings once? Scammers commonly make one-ring phone calls to trick you into calling them back. If your phone rings once and suddenly stops before you get the chance to answer, refrain from calling the number back. Scammers may use local phone numbers but can be from anywhere in the country or even the world, and calling them back can lead to international charges on your phone bill. As a general rule of thumb, only call back phone numbers that you recognize.
5. Never click on unknown links or attachments
If you ever receive an email or text message with an unknown link or attachment, do not click on it. These links or attachments may contain malware, which is malicious software that can be installed on your device without your knowledge and steal your private information. When a scammer has your phone number, they can send text messages with unsolicited links intended for you to click on and enter your personal information, like login credentials for online accounts. However, never click on unsolicited links or attachments because your personal information could be stolen and used to commit identity theft.
6. Report scams to the FTC
Any scam calls that you receive should be reported to the Federal Trade Commission (FTC), which fights against fraud and all types of scams to protect your identity. Once you submit a report to the FTC, you will receive additional steps based on your unique situation and the scam. The FTC will then use the information you share to collaborate with law enforcement to investigate the scam and scammer involved.
Keep your phone number safe from scammers
Scammers can use your phone number for a variety of reasons, including committing fraud, identity theft or hacking into your online accounts. Make sure you keep your phone number safe from scammers by placing a lock on your SIM card and securing your online accounts with strong passwords. You can generate and store strong, unique passwords by using Keeper Password Manager, which features a built-in password generator.
Start your free 30-day trial of Keeper Password Manager today to keep your personal information out of scammers’ hands.
