The SIM Swapping attack allows a criminal to steal your phone number and gain access to all of your accounts.
What is a SIM card?
SIM stands for Subscriber Identity Module and is a small removable chip card that is inserted into the phone. Each SIM card is unique and tied to your number. You can insert your SIM card into another phone and your number and all account information will be transferred to the new device.
How is the SIM card replaced?
SIM Swapping starts with an attacker contacting your carrier and impersonating you. He may say that he has a new SIM card to activate on the account because the phone and the old SIM card are lost or damaged. Your carrier will most likely ask for some information to verify your identity, such as a PIN, the security questions you provided, or passport details.
Once he has passed the identity check, the cybercriminal can have your phone number reassigned to his SIM card. In effect, the number is unlinked from your phone and linked to his SIM card. From then on, the attacker can reset the passwords of your accounts and pass two-factor authentication that relies on text messages or calls to your number. As a result, a scammer can gain access to multiple accounts: email, payment systems, social networks, online stores, etc.
How does a criminal find out passport data?
In recent years, there have been thousands of data breaches with billions of records that include payment details, passport details, names, email addresses, passwords, phone numbers, residential addresses and dates of birth of clients of many companies.
For example, in 2020 the passport data of online voting participants was leaked. Only the series and number of each passport were disclosed, and these alone cannot directly identify the owner. But by comparing the numbers with other leaks, a citizen can easily be identified.
How does the criminal find out the PIN code?
According to cybersecurity researchers, there is a high chance that your PIN matches your date of birth, residential address, or zip code. This data can also be leaked, and a cybercriminal can try to guess the PIN.
If the scammer is still unable to determine the correct PIN code, he will simply tell the telecom operator that "he set this PIN code a long time ago and no longer remembers it." The operator will then ask for the passport data, which the attacker already has. Transferring a SIM card takes a few minutes. After that, you will no longer be able to activate your account on your phone.
How do you know if your SIM card has been changed?
There are several clear signs that you have been the victim of this attack:
Text messages and calls stop working;
You receive emails about account changes;
You have discovered that your social media accounts have been hacked;
Money is taken from your card.
If you see these signs, let your carrier know.
How can I prevent SIM swapping?
There is no single answer to this question, but there are several steps you can take to improve your protection:
Reset your PIN on your carrier account! Choose a secure, complex PIN that only you will know. Do not use information that could be leaked - address, date of birth, passport series and number, etc.
Set up the privacy of your social media accounts! In a major Facebook data breach in 2021, no credentials were stolen, and the information collected was extracted from public profiles.
Make personal information available only to you or trusted friends!
Use a two-factor authentication app that doesn't use SMS messages!
Ask your carrier how they can protect you from SIM swapping! Your operator may already have strong protection. Customers have the right to demand improved safeguards, and should do so actively, so that the company implements them.
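The PIN advice above (avoid your date of birth, address, zip code and passport series and number) can be checked mechanically when a PIN is chosen. The following is an added example, not part of the original article: the function names, the 4-digit minimum, the 3-digit overlap threshold and the sample profile are all assumptions made for illustration.

```python
import re
from datetime import date

# Constructed sample profile (not real data): the kinds of fields the
# article says end up in breaches.
SAMPLE = {
    "birth": date(1990, 3, 14),
    "address": "742 Example Avenue",
    "zip_code": "30518",
    "passport": "4510 123456",
}

def personal_digit_strings(birth, address, zip_code, passport):
    """Digit strings that follow directly from leak-prone personal data."""
    d, m, y4 = f"{birth.day:02d}", f"{birth.month:02d}", f"{birth.year:04d}"
    y2 = y4[2:]
    found = {d + m, m + d, y4, d + m + y2, m + d + y2, y2 + m + d,
             d + m + y4, m + d + y4, y4 + m + d}
    # Every run of digits in the address, zip code and passport series/number.
    for field in (address, zip_code, passport):
        found.update(re.findall(r"\d+", field))
    # Assumption: runs shorter than 3 digits are too common to flag.
    return {s for s in found if len(s) >= 3}

def pin_problems(pin, birth, address, zip_code, passport):
    """Return the reasons a candidate carrier PIN should be rejected."""
    if not re.fullmatch(r"[0-9]{4,}", pin):  # assumed minimum length
        return ["PIN must be at least 4 digits"]
    problems = []
    if len(set(pin)) == 1:
        problems.append("single repeated digit")
    # Constant step of +1 or -1 (mod 10) between digits, e.g. 2345 or 9876.
    steps = {(int(b) - int(a)) % 10 for a, b in zip(pin, pin[1:])}
    if steps in ({1}, {9}):
        problems.append("ascending or descending sequence")
    personal = personal_digit_strings(birth, address, zip_code, passport)
    # Reject a PIN that contains, or is contained in, a personal digit string.
    if any(s in pin or pin in s for s in personal):
        problems.append("overlaps leak-prone personal data")
    return problems

if __name__ == "__main__":
    for candidate in ("1403", "4510", "2345", "0000", "583926"):
        print(candidate, pin_problems(candidate, **SAMPLE) or "ok")
```

An empty list means the candidate PIN passed these checks; it does not replace the carrier-side safeguards discussed above.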