T-Mobile is one of the leading providers of mobile service, and as such, it has a responsibility to protect its customers from SIM-swapping attacks. This is why the company has developed a new security feature that helps customers prevent this from happening. The new feature, called T-Mobile Protect, uses two-factor authentication to help protect customers’ accounts from being accessed without their permission. This way, attackers cannot access your account if they are not already authenticated. T-Mobile Protect is available now and can be found on the company’s website. If you have not yet installed it, please do so now so that you can keep your account safe from SIM-swapping attacks.

The attacks usually involve someone contacting your carrier’s customer support, pretending to be you, requesting a new SIM card. If they are successful, they can obtain a new SIM card and activate it on a device they own — revoking connectivity and the number from the device you own. SIM swap attacks are commonly used in conjunction with SMS-based two-factor authentication and passwords from other data breaches to break into a person’s online accounts.

Each mobile network has tried various strategies to combat against SIM swapping, such as better training for customer support representatives and new authentication measures, but it still happens occasionally. T-Mobile is rolling out a new account setting for customers, called SIM protection, which blocks any SIM changes (such as activation on another device) until the block is removed.

The option isn’t enabled by default, possibly to avoid disruptions for people that swap SIM cards between devices they own. If you’re on T-Mobile, you can find it in the “Privacy and notifications” section of your account settings — the source link below has more detailed instructions. It can be enabled for all phone lines on an account, or you can flip it on for each line individually.

It’s great to see more security options for phone lines, especially as many carriers struggle with implementing features that are common in other types of online accounts, like app-based two-factor authentication. Here’s hoping all networks implement a similar feature.

Source: The T-Mo Report