You’re sharing your cell phone number too frequently – USA TODAY
No matter what Americans do to protect their digital privacy, especially on our handheld devices, itâs impossible to keep up with new threats. Now, thereâs a new risk to our privacy and security: Our cell phone numbers are being used increasingly by information brokers as the window to personal information thatâs kept by nearly all corporations, financial institutions, and, yes, social media networks.
Among those sounding the alarm bell is private investigator and former FBI agent Thomas Martin, who recently wrote a blog post titled, âYour cell phone number is your new Social Security number.â Martinâs message was clear: We are way too lackadaisical about keeping our numbers private.
âIf someone you had just met asked you for your social security number, you would likely not give it to them. What if the same person asked you for your cell phone number? My guess is that you would readily tell them the ten-digit number,â he writes.
Well, too many of us are likely to divulge our ten-digit number in a flash, as millions of us do in stores and online on a daily basis. Your cell phone number, unique to you, is the gateway to your identity. It provides an entrance to all the data contained on your phone, and can connect your other information to you â your email address, physical addressâeverything.
More on cybersecurity:
Once Martin told me all this, I started to pay attention to how often Iâm asked for my cell number, either in person or online. Amazon does. Netflix, too. My bank. My health insurance company. And just the other day, shoe retailer Johnston & Murphy demanded it when I was buying a $69 belt. I balked, and they let me buy the belt anywayâbut when I went back to return it a few days later, the clerk said: âYou canât return it without providing your cell number.â I explained I didnât want it in the companyâs database, so she made up a number to type in, but not before smiling at me and saying with a scary smile: âWe want all the information about you we can get.â
Yes, I know. Of course, when I called the retailer in Nashville, Tenn., vice president of e-commerce Heather Marsh told me asking for a phone number is all about the consumerâs convenience. It makes shopping faster because itâs âeasier to get [access] to your recordsâ if youâve made a purchase there before. Marsh promised me itâs not used for marketingâbut thatâs only one leg of this two-legged monster. Once in the database, your phone number becomes another piece of personally identifying data. But unlike our Social Security numbers, âthis number is not regulated, and no companies are mandated to keep it private,â Martin explained.
Our mobile phone numbers are a âtasty targetâ for attackers these days, says JD Sherry, chief revenue officer at cyber security company Remediant.Â Most Americans have gotten wise to phishing as an entry point to email breaches, but Sherry is eager to discuss an emerging trend called SMiShing (pronounced âsmishingâ). âThis is the act of sending a text message containing questionable links to websites that might not be in your best interest to visit,â he said.
âThe bad guys,â as Sherry calls the hacker class, want to steal your credentials or install malicious software so, for instance, they can log into your banking site as you. Then, we all know what can be done: Monies transferred. Checks written. Stocks sold.
Even seemingly innocuous requests like the one from the Johnston & Murphy sales clerk can open a Pandoraâs box. While Marsh said the company doesnât use the data for marketing, the fact that they now have it means it could be hacked. âCustomer phone numbers have been stolen in a large variety of data breaches including those of Anthem, Citigroup, JPMorgan Chase, Walgreens, and Yahoo,â Eric Vanderburg, director of information systems and security at Jurinnov Ltd., explained. All true.
What you can do:Â
1. Use common sense: If youâre asked for your phone number, ask why. In general, donât give it out to people you donât know see if you can leave it blank on online formsâeven if that means it may take a few seconds more to identify you the next time you make a purchase.
2. Get a virtual phone number: This is similar to a virtual credit card number, where you have whatâs essentially a fake number as your public number. Hereâs where you can get one from Google Voice. https://voice.google.com
3. Enable two-factor or multi-factor authentication on all your devices: This is what happens every time you go to an ATM: to make a withdrawal you need both your debit card and a PIN number. Thatâs two-factor authentication, which amps up the level of security on your devices.
4. Sign up for the âdo not callâ lists, which are helpful for run-of-the-mill solicitations. JD Sherry warned me, however that âhackers donât subscribe to such lists.â Well, at least you wonât get as many peskyÂ marketing calls.
5. Get more than one cell phone: Former FBI agent Tom Martin has three, but he only gives out the number to the phone that contains no data or links to personal information.
6. Choose which private data you are willing to share: When asked for your cell number, especially at a retailer, you may be able provide an email address, zip code or just your name as a way to identify you. Itâs worth asking about.
Of course, all of this takes more time and effort and raises the larger question: How much privacy and security are we willing to trade away for a little more convenience? Thatâs up to each of us to decide.
How much of your security are you willing to forego for convenience? Let me know in the comment section below.