Archive for August 5th, 2022

Set your phone’s passcode … right now!

August 5, 2022

Tips from my “hacked” experience

In a prior post, I recounted how I got hacked …

A perp hijacked my cell phone numbe,  used it to breach my BofA bank account and withdrew a statistically significant amount of money.

For details of the sophisticated hack, see:
I was HACKED … and my story is worth reading!


The first lesson that I learned (again) is that cell phones are the weakest link in online security.

Step #1 is to secure your phone with — at a minimum – a passcode.

Yeah, it’s an annoying inconvenience, but…

It’s not just to keep kids from grabbing your phone to play games … or keep peering friends & family from sneaking a peek at your texts and emails.

If you lose your phone (or have it stolen), it buys you some time to call your carrier and de-activate your number.

An amateur may get stymied trying to guess which of the 10,000 possible 4-digit numeric codes you use on your phone … a hack-pro can eventually crack the code, but it takes time & effort, so it buys some time … and the perp may just toss the phone and hunt for a non-passcode phone.

Of course, if your phone is equipped with fingerprint or facial recognition, consider using it.

It adds to the inconvenience, but it ups your phone security by orders of magnitude.


Why is this important?

If perps can open your phone, they can see where you have accounts.

For example, they can scan text message alerts that you’ve received from your banks and credit card companies.

Bingo, they know where you keep your money.

Then, they can go to the banks’ web sites and simply click “Forgot user ID & password “.

The bank will likely recognize the device (remember, the perps have your phone) … and, if you’ve activated 2-factor authorization, the bank may unwittingly send the 2FA code to your phone … which the perp is holding in his hand.

BINGO … account breached … and the perp is off to the races.


P.S. My phone wasn’t lost or stolen.  It and my number) were hijacked when my carrier “sold” a perp a new iPhone, charging my account and over-riding my activation with the fraud purchased phone.

My bet: A likely “inside job”.

You (and I, now) are way more likely to lose our phones (or get them stolen) than getting them hijacked … which is why passcode protecting them is important.

Again, doing so may cut off some easy paths to your accounts … and may at least buy you some time to contain possible financial damage.

P.P.S. If you have any anti-hacking ideas, please post a comment or email me.

%d bloggers like this: