Securing Your Account
Three uses information we have relating to you to verify your identity when you contact us through our care channels. If your information becomes available to third parties, they could be able to access your account by impersonating you. They could then be able to change the details on your account, or take over your phone number.
If a fraudster gains control of your phone number they are able to contact individuals at your cost. If you use services with any providers such as banks who send two-factor authentication codes by sms, fraudsters may be able to intercept these messages, resulting in financial and other loss.
Three has measures in place to prevent this kind of fraud, however if fraudsters have enough information about you, it may not be possible for us to know when you are being impersonated for fraud purposes.
What should you do?
We recommend that you follow these simple steps to help stay secure:
- The more information we have about you, the more questions we can ask to verify your identity. If you have an unregistered account, you should consider registering it.
- Never disclose any sensitive or personal information such as login details, bank details, passwords or passcodes to any source.
- Don’t put personal information about yourself online.
- Don’t call or text back to suspicious or unfamiliar numbers.
- Don’t reuse passwords across multiple accounts. If one of your accounts has been hacked, fraudsters may be to guess the password to another account.
- Never ignore a message alerting you to a pending SIM swap request on your account.
- If you experience a sudden loss of service, contact Three immediately.
- If you register your phone with another service for two-factor authentication, be sure to monitor it for unusual activity. Do not register a rarely-used phone number for two-factor authentication.
- Protect your mobile device via password or biometric security. Where possible, set the screen auto-lock timer to activate after just a few minutes of inactivity.
- Disable automatic connections. Some devices automatically allow connections to available Wi-Fi networks, and Bluetooth devices may connect and transmit data without your knowledge.
- Consider using your manufacturer’s applications which allow you to find and track your device if lost. These applications also give you the option of locking or wiping your phone remotely if required.
- Do not open emails from unknown sources – even if these appear legitimate or authentic and seem to come from your banking institution.
- Never follow a link provided to you in an email to access the Internet Banking site for your banking institution. Instead physically type the address into the browser address bar.
Additional guidance
From Three:
https://www.three.ie/news/three-team/4-ways-to-spot-scams.html
From An Garda Síochána
https://www.garda.ie/en/crime/fraud/
From The Data Protection Commission
https://dataprotection.ie/en/dpc-guidance/blogs/when-your-personal-data-has-been-affected-breach
From Citizens Information
https://www.citizensinformation.ie/en/consumer/common_consumer_problems/scams_and_fraud.html
From The Competition and Consumer Protection Commission
https://www.ccpc.ie/consumers/money/scams/scams-what-to-watch-out-for/
From Fraudsmart (identity theft guidance)
https://www.fraudsmart.ie/personal/fraud-scams/phone-fraud/identity-theft/
From “Which?” Magazine
From Experian:
https://www.experian.co.uk/consumer/identity/what-to-do-if-victim.html