Subscriber Identity Module (SIM) swapping is a technique sometimes used by criminals to steal digital assets from online platforms. The process is involved and usually happens where the criminal suspects the victim to hold something of value.
How the scam works
Criminals first identify a victim likely to own large amounts of digital currency, then obtain their phone number and identify their mobile carrier.
Using social engineering, the criminal will trick a customer service representative at the victim’s carrier into porting their phone number to a different SIM card under the criminal’s control. Thereafter, any phone call or SMS intended for the victim is instead diverted to the criminal.
All the criminal then needs is the victim's username (usually their email address) in order to trigger a password reset for any account held using SMS-based or mobile two-factor authentication.
The process involves a 2FA security code sent via SMS that is intercepted by the criminal who is then able to enter a new password and gain control of that account.
Signs That Indicate a SIM Swap Attack
SIM swapping will cause your phone to behave abnormally. Here are some signs that you might be a victim:
- Service changes. You receive a message from your provider that your SIM card or phone number has been activated elsewhere. This is the first sign.
- You cannot send or receive texts and phone calls. Once the scammer activates your SIM on another device, your phone number becomes unusable.
- Security notifications. Receiving alerts about changes to your profile data, such as passwords and security questions, is another sign. Failed login attempts from unrecognized sources are yet another clue that you’ve been hacked.
- Restricted access to your online carrier account. Scammers will lock you out of your provider's online account to stop you from contacting them for help.
- You are no longer able to use apps on your phone. SIM swap attacks prevent you from logging into your phone apps and accounts.
- Unusual activity on your social media accounts. SIM swap attacks usually target victims who have valuable online accounts — like a sizable audience on Twitter, LinkedIn, or Instagram. Strange online activity from social media accounts can indicate account takeovers.
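The signs listed above follow the order of the attack: a carrier notice or loss of service first, then security alerts from individual accounts. The following Python code is an added example, not part of the original article, that groups such events into one incident. The log line format, the event names, the 24-hour window and the sample data are all assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Event kinds modelled on the signs listed above; the names are made up for this example.
SIM_EVENTS = {"sim_activated_elsewhere", "service_lost"}
ACCOUNT_EVENTS = {"password_changed", "security_question_changed",
                  "failed_login", "carrier_account_locked"}
WINDOW = timedelta(hours=24)  # assumption: how long after the SIM change to keep looking

def parse(line):
    """Parse one constructed log line: '<ISO time> <source> <event kind>'."""
    ts, source, kind = line.split()
    return datetime.fromisoformat(ts), source, kind

def find_sim_swap_incidents(lines):
    """Group account-security events that follow a SIM/service event within WINDOW."""
    events = sorted(parse(l) for l in lines if l.strip())
    incidents = []
    for ts, source, kind in events:
        if kind in SIM_EVENTS:
            # Fold a second carrier-side sign into the incident that is already open.
            if incidents and ts - incidents[-1]["start"] <= WINDOW:
                incidents[-1]["triggers"].append(kind)
            else:
                incidents.append({"start": ts, "triggers": [kind], "accounts": {}})
        elif kind in ACCOUNT_EVENTS and incidents:
            inc = incidents[-1]
            if ts - inc["start"] <= WINDOW:
                inc["accounts"].setdefault(source, []).append(kind)
    # Report only SIM events that were followed by at least one account event.
    return [i for i in incidents if i["accounts"]]

# Constructed sample data, not real logs.
SAMPLE = """
2024-03-01T08:00:00 mail-provider failed_login
2024-03-04T21:14:00 carrier sim_activated_elsewhere
2024-03-04T21:15:30 carrier service_lost
2024-03-04T21:22:10 mail-provider password_changed
2024-03-04T21:31:45 exchange password_changed
2024-03-04T21:40:00 carrier carrier_account_locked
2024-03-09T10:00:00 social security_question_changed
""".splitlines()

if __name__ == "__main__":
    for inc in find_sim_swap_incidents(SAMPLE):
        print(inc["start"].isoformat(), inc["triggers"])
        for account, kinds in inc["accounts"].items():
            print("  ", account, kinds)
```

Each account named in an incident is one to recover first, starting with the carrier account and the email address used for password resets.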
Tips to protect you and your digital assets:
- Protect your personal and financial information. Don’t advertise your phone number, address, or financial assets, including ownership or investment of cryptocurrency, on social media sites.
- Take precautions when sharing mobile account information with representatives over the phone. Verify the call by dialing the customer service line of your mobile carrier or place a note on your account that changes must be done in person.
- Use strong multi-factor authentication methods such as biometrics, physical security tokens, or standalone authentication applications to access online accounts.
- Do not store passwords, usernames, or other information for easy login on mobile device applications.
- When you buy a SIM card, you also get a PIN for it. This four-digit code activates the SIM card when you insert it into your phone.
- Place a port freeze or number lock:
  - Call your cell phone provider and ask them to place a port freeze and lock the account to your current SIM.
  - T-Mobile also offers Account Takeover Protection for free to keep your number safe from unauthorized port-outs.