How do you protect ? (devices, 2FA, etc.)

[euro]

Yes, despite a polite request, the OP doesn't seem inclined to oblige. Many of us simply refuse to click on those naked links without a good reason, so it seems pointless to start a discussion with one.

+1

 

[explanade]

In my case, I contacted T-Mobile and they set a "Phone number port validation passcode" which is 15 digits.

 

[qwerty3656]

In my case, I contacted T-Mobile and they set a "Phone number port validation passcode" which is 15 digits.

So they give you that number and in order to change your sim, you would have to provide that number?

 

[explanade]

So they give you that number and in order to change your sim, you would have to provide that number?

That's the idea, so that someone can't port my number to a new SIM card that they possess and receive all my 2FA calls on their phone.

 

[gauss]

^ Well here's to hoping that this may bring Vanguard into the 21st century with modern 2FA methods (google authenticator, email , phone app etc) that do not implicitly trust having a stable telephone number.

 

[brett]

We do not have data on our phones. We do not need it.

But.....if we did we would certainly never use it for financial transactions or for accessing any financial accounts. Or any other confidential or sensitive data for that matter. Call us old fashioned or paranoid if you will. This from someone who spent their career in IT.

We password protect all of our gadgets (phones, ipads, desktops, laptops) and we change those passwords on a regular basis. Same for financial institution accounts, credit card, and government services passwords, etc.

 

[tb001]

Thank you, thank you, thank you for posting this. DH is traveling and we believe this just happened to him. Our first call was to vanguard to freeze accounts. They told me they’re seeing more and more issues with this. They also said there should be emails sent out with and find transfer requests and a 10 day window to reverse them. And that we would be made whole in the case of fraud. But had we not read this article, we would have had no idea what happened.

 

[Sojourner]

Thank you, thank you, thank you for posting this.

+1

I just logged into my AT&T mobile account and changed my 4-digit PIN, which is what a scammer would have to know and provide to a CSR when trying to do a SIM hack. Feel much better now. I wish it was longer than four digits, but at least it's something. Also changed my security questions/answers, just in case. You really have to stay on top of this stuff!

 

[Sojourner]

well here's to hoping that this may bring Vanguard into the 21st century with modern 2FA methods (google authenticator, email , phone app etc)

Absolutely! It's truly mind boggling that Vanguard still don't support the most popular, secure, free 2FA methods like Authy and Google Authenticator. And some sites, like TD Ameritrade, don't support any form of 2FA other than "SIM hackable" SMS! You'd think this would be a top priority for the development teams at every large financial service company in the world.

 

[qwerty3656]

I just called Tmobile to ask about this. They said they didn't really have a sim lock option and that they would send a 1-time code to me before changing my sim.

 

[explanade]

Google just announced they are turning on 2FA for as many accounts as they can by default, rather than having people dig through settings pages to enable them.

https://arstechnica.com/gadgets/2021/05/google-will-soon-start-automatically-enrolling-users-in-2fa/

 

[homestead]

I looked at Vanguard site and they only offered security codes for phones by text or voice which they said was more secure than email.

 

[dixonge]

Many of us simply refuse to click on those naked links without a good reason, so it seems pointless to start a discussion with one.

I'll admit to being a bit surprised at the number of people who seem to have an aversion to clicking links. Given that this is pretty much the entire reason for the internet, could you explain why 'many' *refuse* to click on links?

 

[Sunset]

I'll admit to being a bit surprised at the number of people who seem to have an aversion to clicking links. Given that this is pretty much the entire reason for the internet, could you explain why 'many' *refuse* to click on links?

Because a link to take you to a site that will automatically download a virus to your computer.

 

[braumeister]

Anyone who willingly clicks on unknown links is ignoring the most basic standards of internet safety.

There is also the issue of it being against our Community Rules:

Please do not post “naked” links, defined as links posted without explanation, interpretation or context.

 

[Sojourner]

I will not click on a link to a domain I don't recognize, and I always carefully inspect the URL of any link I'm about to click to ensure it's using HTTPS and that it definitely points to a "trusted" domain. The naked link in post #1 of this thread points to a page at https://www.cnn.com, which is very safe.

 

[MichaelB]

Adding context, a snippet or a personal comment is a courtesy to fellow forum members. It’s also spelled out in our community rules, here.

Posting standards: Forum members may use standard fonts available on the forum. The standard font size is 2. The use of bold, large or colored fonts should be used sparingly. Posts containing inappropriate formatting will be removed or modified at our discretion; e.g. all caps or excessive color. E-mail addresses, url's and business names are not appropriate forum user names. Please do not post “naked” links, defined as links posted without explanation, interpretation or context.