Skip to main content
Find a store
Help
Cart

Join today—call 888-258-1974 or shop online and get free shipping and no activation fees. No ID needed.

Prevent Account Takeover Fraud

Use this page to understand what account takeover fraud is, how to protect your services, and additional steps to secure your account. 

How To Fight Account Takeover Fraud

There is no doubt that wireless technology and device innovation have transformed our day-to-day lives and our mobile devices are vital. Account takeover fraud occurs when a criminal takes control of a wireless customer’s account and phone number so they can send and receive calls and texts as if they were the customer. The goal is often gaining access to the customer’s financial, email, social media accounts, and wireless phone numbers. These are usually targeted as the first step because many platforms and apps rely on a one-time PIN sent via text or phone call to authenticate customers. 

If you believe someone has made unauthorized changes to your account, call Metro by T-Mobile immediately, either by dialing 611 from a Metro by T-Mobile phone or 1-888-METRO-8 (863-8768) from any device. Metro by T-Mobile also supports law enforcement investigations of specific fraud cases.

FAQs

  • SIM swap fraud occurs when a customer’s phone number is assigned to a new SIM card and mobile device without their knowledge or consent. Fraudsters may use the victim’s personal information or mobile account information, including phished passwords or fake IDs, to impersonate the real customer and make the SIM card change. Normally swapping a SIM card between devices is a legitimate service that allows customers to upgrade or replace a lost or stolen device.

  • Porting a phone number occurs when a switches to another carrier while keeping their number. Allowing customers to port their numbers is a legitimate practice and an important freedom that helps customers choose carriers and plans that best suit their needs. Fraudulent porting happens when a fraudster gains access to the victim’s mobile account information, often by phishing the account password, to port the victim’s number to a new account at a new carrier.

  • There is no silver bullet when it comes to data security and Metro by T-Mobile is constantly evolving its safeguards to respond to new risks and new ways used to commit fraud, including but not limited to:

     

    • Working with law enforcement and security experts to learn about new fraud techniques to anticipate new threats. 
    • Conducting extensive training of Care reps on how to spot scams and using the latest processes and protections available for customers. 
    • Continuously planning, testing, and implementing a variety of technical improvements to identify and respond to risks and fraud attempts. 

     

Account Verification

How you can protect your accounts

All Metro by T-Mobile accounts are protected by a 6-15 digit PIN. A number cannot be ported without verification of that PIN. We also use this PIN to authenticate your account when calling into Care or visiting a retail location. It’s important to have a strong and complex PIN that is frequently changed and can’t cannot be easily guessed or obtained. If you have forgotten your account PIN - we require a One-time PIN (OTP) to update your account PIN.

When creating a pin, it must be 6-15 non-sequential alphanumbic characters. Once a PIN has been created, new and existing customers are required to setup security questions. For more information about managing your account and logging in see Manage My Account

When conducting the following transactions, a one-time PIN is required

  • Device/SIM Change request
  • Port-Out PIN generation
  • Updating PIN
  • Updating Address
  • Add/Remove of Account Takeover Protection features

 

PIN Requirements

You cannot use information from your account, such as Date of Birth, SSN, Phone Number, Account Numbers, etc. For example, ineligible PIN formats:

  • Sequential (such as 3456789) Repeating (such as 4444) 
  • The beginning or end of the mobile number 
  • A mobile number on the account or your Billing Account Number
  • Federal tax ID number, Social Security number, or date of birth 
  • In addition to the above - You cannot use the below combinations:
    • Repeating sequences of 2-5 characters (123123)
    • Repetitive numbers [2 max] (111222)
    • Repeat of calendar years (20082008)
    • Sequential number sequence (01234567)
    • Repeated numbers (111111)

Protecting Your Account

There is no silver bullet when it comes to data security and Metro by T-Mobile is constantly evolving its safeguards to respond to new risks and new ways used to commit fraud, including but not limited to:

  • Working with law enforcement and security experts to learn about new fraud techniques to anticipate new threats.
  • Conducting extensive training of Care reps on how to spot scams and using the latest processes and protections available for customers.
  • Continuously planning, testing, and implementing a variety of technical improvements to identify and respond to risks and fraud attempts.

Add SIM Swap Protection

SIM Change Protection is a free feature offered to all Metro by T-Mobile customers. SIM Change Protection provides additional security to your account to protect you from the most common instances of SIM swap fraud.  Note: SIM protection does not prevent eSIM transfer on Apple devices, due to the extensive security steps already included in that process. 

Add Port Out Protection

Port Out Restriction provides you the option to further secure your account by not allowing your mobile number to be ported out to another service provider, when enabled. 

  1. Log in to your Metro online account or the Metro app.
  2. Select Account.
  3. Select Account Options.
  4. Select Account Protection.
  5. Select Port Out Protection, then select On.
  6. Select Continue.
  7. To complete the transaction a One Time Pin (OTP) will be sent to your device to verify the change request.

Reporting Fraud

  • Anonymous callers: The FCC mandates that mobile carriers allow callers the ability to block their caller ID information and place anonymous calls. Metro by T-Mobile is obligated to honor the privacy of the caller in these circumstances. Metro by T-Mobile can't block anonymous calls or override the privacy choice of the caller, but you may choose not to accept them. To make an anonymous call yourself, dial *67 before dialing the number you are calling. For more information about privacy and security, refer to o Privacy Policy
  • Verified callers: We follow the FCC standards of STIR and SHAKEN to help fight scam callers industry-wide in addition to our own call authentication. 
    • Number Verified is available on capable devices and will indicate that the incoming number has been validated and authorized. Review the Tech Specs for individual devices to determine if this service is available. 
    • Spoofed calls occur when scammers illegally mimic originating telephone numbers. 
    • Number Verified helps confirm if the calling number is accurate and not impersonating another phone number.

Need more help?

Visit our Metro by T-Mobile Support site and fix the most common issues, right from your device! If you still have questions, contact us.

Metro Support Contact us
   Survey Link