Martin Lewis' Mobile Security Advice: Technical Implications for Security Teams

Financial expert Martin Lewis recently issued urgent advice for mobile phone users to dial a 5-digit code (*#06#) to retrieve their device’s IMEI number, a recommendation that carries significant security implications beyond consumer protection. This guidance, shared on The Martin Lewis Money Show Live (ITV, March 11, 2025), comes amid a 40% increase in UK phone thefts targeting financial data^1,2.

Technical Breakdown of IMEI Security Measures

The IMEI (International Mobile Equipment Identity) serves as a unique hardware identifier for mobile devices, functioning similarly to a MAC address in network security. When users dial *#06#, the device displays this 15-digit code, which can be critical for incident response teams tracking stolen devices. Security professionals should note that while IMEI tracking helps law enforcement, determined attackers often modify this identifier through firmware flashing or specialized tools like Octopus Box³.

For enterprise security teams, this public advisory highlights several technical considerations. The recommendation to screenshot and email the IMEI creates a potential attack vector if stored insecurely. Organizations should evaluate whether their mobile device management (MDM) solutions already capture this information through APIs rather than relying on manual user input.

Additional Security Recommendations with Technical Depth

Lewis’ broader security advice includes several measures relevant to organizational security postures:

Recommendation	Technical Implementation	Enterprise Considerations
Biometric security	FIDO2/WebAuthn implementation for banking apps	Evaluate biometric bypass techniques (e.g., sensor spoofing)
Disable lock screen notifications	Android: Settings > Apps > Notifications > On Lock Screen iOS: Settings > Notifications > Show Previews	MDM policy enforcement for corporate devices
Tracking apps	Apple Find My (BLE/Wi-Fi/UWB) Samsung SmartThings (UWB/BLE) Google Find My Device (network-based)	Evaluate enterprise tracking solutions with kill switch capabilities

The banking security tip to dial 159 connects directly to legitimate bank lines, bypassing potential phishing attempts. From a red team perspective, this represents an interesting case study in verified communication channels that could be adapted for internal security protocols⁴.

Security Team Implications

For incident responders, the IMEI provides a forensic artifact that persists even after factory resets. Security operations centers should ensure their SIEM solutions correlate IMEI data with:

Device enrollment records in MDM systems
VPN authentication logs
Physical access control systems (for organizations with mobile-based entry)

Threat hunters should monitor for IMEI changes on corporate devices, which could indicate attempted hardware spoofing. The 159 banking verification number also presents an opportunity for organizations to establish similar verified callback procedures for sensitive operations.

As mobile devices increasingly serve as both authentication factors and access portals, Martin Lewis’ consumer advice underscores broader security principles that enterprises should adapt with appropriate technical controls and monitoring capabilities.