Lock It Down: How AT&T’s Account Lock Feature Raises the Bar Against SIM Swap Attacks
Introduction SIM swapping-also known as SIM jacking-continues to enable attackers to hijack phone numbers, intercept two-factor codes, and compromise everything from email accounts to crypto wallets. AT&T's new Wireless Account Lock is a long-overdue, critical layer of protection, designed to close off one of the most exploited social engineering attack paths. For customers of AT&T, Critical Path Security recommends immediate activation of this feature and incorporating it into mobile security strategies. What AT&T's Wireless Account Lock Does This new feature allows AT&T customers to proactively prevent key account changes, including: SIM and eSIM swaps Phone number transfers Billing address or payment info edits Addition or removal of authorized users Upgrades or purchases billed to the account Accessible via the myAT&T app or website, this lock can only be toggled by the account owner or designated secondary users. Notifications are sent whenever the feature is enabled or disabled, serving as a…