Carriers need to independently verify LOAs

Sean Donelan sean at
Mon Apr 19 17:20:22 UTC 2021

On Sat, 17 Apr 2021, Eric Kuhnke wrote:
> Anecdotal: With the prior consent of the DID holders, I have successfully
> ported peoples' numbers using nothing more than a JPG scan of a signature
> that looks like an illegible 150 dpi black and white blob, pasted in an
> image editor on top of a generic looking 'phone bill'.

All carriers should independently verify any LOAs received for account 

Documents received from third-parties, without independently verifying 
with the customer of record, using the carriers own records, are just junk 

Almost no carriers verify LOAs by contacting the customer of record. 
Worse, they call the phone number on the letterhead provide by the scammer 
for "verification."

The U.S. Postal Service used to let random people change mail forwarding 
orders, without verifying with the original and new addresses. As you can 
guess, there were lots of fake forwarding orders and criminal activity. 
After USPS begin verifying mail forwarding orders by sending a letter to 
the ORIGINAL address and NEW address, mail forwarding fraud declined.  Not 
zero, but declined.

More information about the NANOG mailing list