SIM swap fraud occurs when scammers use your phone number to get access to your accounts by exploiting a flaw in two-factor authentication and verification.
SIM swapping occurs when scammers contact your phone’s carrier and deceive them into activating a SIM card owned by the fraudsters. When this happens, the scammers have possession of your phone number. Anyone dialling or texting this number will be connected to the scammers’ device rather than your smartphone.
Also checkout: Carding Method for Beginners
This is known as SIM swap fraud, and it implies that scammers may enter your username and password while logging into your bank’s website. The bank will then transmit a code – two-factor authentication — to your smartphone number, which you must enter to access your online account. What is the issue? Following a SIM swap, that number is now assigned to the scammers’ smartphone or other device. They can then enter your bank account using that code.
Fortunately, you can guard against SIM swapping. It’s all about preventing scammers from gaining access to your online bank or credit card accounts. It also helps to be aware of the most prevalent warning signals of a SIM swap fraud.
Also Read: Google play carding method
Exactly what does it mean to have a SIM card?
It is necessary to have an understanding of the concept of a SIM card in order to have a complete comprehension of SIM swapping.
A subscriber identity module, or SIM card, is a small card that holds a chip and goes by another name, subscriber identity module. For your smart phone to function, you must first enter a SIM card into it. Because of this, you will be able to send and receive text messages, as well as make and receive phone calls.
The SIM card in your phone stores a significant amount of information. Included in this is information proving that you are authorized to make phone calls and send text messages (SMS). You would only be able to use your smartphone for taking pictures or accessing the internet through a Wi-Fi network if you did not have a SIM card.
Also check: Low security websites for carding
What exactly is “swapping SIM cards”?
Criminals can commit a SIM swap scam by convincing your carrier to link your phone number to a SIM card that is in their possession. This allows the criminals to take control of your phone. Scammers use your phone number as a means of control.
Scammers will first attempt to obtain your phone number through social engineering, but not before collecting as much of your personal information as they can.
The scammers start by calling your mobile carrier while pretending to be you and claiming that their SIM card, which is actually yours, has been lost or damaged. The next thing that they do is ask the customer support professional to activate the new SIM card that the fraudster has.
This will transfer your phone number to the criminal’s smartphone, which will already be loaded with the scammers’ own SIM card. Once your carrier has processed this request, any phone calls or text messages that were intended for you will instead be sent to the device that was used by the scammers.
Also check: eBay carding method
How are fraudsters going to be able to answer the security questions that my cellphone carrier asks? When attempting to determine who is on the other end of the phone, how can they possibly provide any personal information that the customer support representative for your smartphone provider asks for?
It is at this point that the information that scammers have obtained about you through phishing emails, malware, or social media research comes in handy.
Swindlers might send you an email while pretending to be your smartphone provider. This email may inform you that in order to maintain access to your account, you will need to click on a link.
When you click that button, you will be taken to a new page that asks you for personal information such as your name, birthdate, and passwords. Perhaps the page even asks for your Social Security number. After you fill out this form and click “Send,” you have provided the scammers with access to the information that they require in order to trick your mobile phone carrier into falling for a SIM swap scam.
Other scammers will mislead you into clicking on email links that will fill your computer with malware that will record all of your keystrokes, including any passwords or answers to security questions that you type. Once more, this provides the fraudsters with the information that is necessary for them to successfully swap SIM cards.
Also Read: CC to BTC carding method
On the dark web, fraudsters may also purchase your personal information and financial details in order to commit identity theft. These con artists would receive the information they need to successfully carry out their scam if they did this as well.
Scammers use the information they have obtained from you or the dark web to convince your smart phone provider to swap your number to a new SIM card.
These criminals then obtain and control your mobile phone number, which they can use to access your phone conversations with banks and other businesses, particularly your text messages. They will then be able to retrieve any codes or reset your passwords for any of your accounts that are associated with that phone by calling or texting it. That settles it; they are allowed to participate.
How do they get their hands on your money? They might open a second bank account in your name at the financial institution you already use, where the security checks are likely to be laxer because you are already a customer there. It’s possible that the movement of funds in your name between those accounts won’t trigger any alarm bells.
Social media’s role in SIM swap fraud
Scammers can use your social media profiles to gather information about you that will help them impersonate you when they are trying to close a SIM swap scam. This information will help them close the scam.
Give the name of your high school mascot or the maiden name of your mother as the answer to one of your security questions. A con artist might find out that information by looking through your Facebook profile.
However, there is some good news in this situation: if you are being victimized, social media may also inform you of this fact.
Consider the high-profile scam involving a SIM swap that targeted Jack Dorsey, the CEO of Twitter. After obtaining control of Dorsey’s phone number, fraudsters hacked his Twitter account. Scammers sent threatening tweets from Dorsey’s Twitter handle during the fifteen minutes that it took for him to regain control of his account.
Also Read: Amazon refund trick without return
How were the hackers able to obtain access to Dorsey’s phone number? They were successful in convincing Dorsey’s phone provider to let them swap SIM cards, which allowed them to use Dorsey’s phone number with their SIM card and phone.
After that, they used the text-to-tweet service that Cloudhopper provided in order to send their messages through Twitter.
More and more people are falling victim to SIM swap scams.
Scammers are using SIM swap scams more frequently, according to the FBI. According to the FBI, 1,611 SIM swap reports were received in 2021. These offences resulted in more than $68 million in losses.
Only 320 SIM swap complaints were received by the FBI between January 2018 and December 2020, with victims losing approximately $12 million.
Is this a recent instance of this scam? A Tampa resident discovered that he could no longer use his Coinbase account, which allows users to exchange cryptocurrencies, in January 2022. According to a story from WFTS in Tampa Bay, the man later discovered that he could no longer make phone calls or send texts using his smartphone.
Scammers intercepted the man’s two-factor authentication code after obtaining his phone number. This code was then used by the scammers to gain access to his Coinbase account, draining it of approximately $15,000 in cryptocurrency.
A similar incident occurred with another victim last year, according to CNET. After obtaining the victim’s phone number, the fraudsters used his two-factor authentication code to gain access to his Coinbase account and purchase $25,000 in Bitcoin, according to the story.
Also check:
Indicators of a SIM swap victim
It is essential to be able to identify the telltale signs of a SIM swap. This gives you the ability to quickly disable the access that fraudsters have to your phone as well as all of the texts and calls that it receives, giving you the best chance of stopping them before they do too much damage.
Unauthorized social media activity is one cautionary sign, as demonstrated by Dorsey’s case. Tweets sent from Dorsey’s account informed him that his account had been compromised.
However, there are four additional red flags that indicate you could be a victim of SIM swapping.
You are unable to send texts or make phone calls at this time.
Have you been having trouble making phone calls or sending texts? If your phone calls and text messages suddenly stop working, this is the first sign that you may have been a victim of SIM swapping, also known as phone hacking. This is most likely the result of fraudsters deactivating your SIM card and using your phone number for their own purposes.
You will receive updates on the activity of other users.
You are a victim of identity theft if you receive a notification from your phone provider informing you that your SIM card or phone number has been activated on another device.
You are unable to access your respective accounts.
It’s likely that scammers have changed your passwords and usernames, possibly after stealing your phone number, if your login credentials for accounts such as your bank and credit card accounts no longer work. Notify your bank and any other organisations you deal with as soon as you can.
You find receipts for transactions for which you have no memory.
If you are reviewing your online credit card statement and notice several transactions that you do not recall making, you may be a victim of a SIM swap scam. This scam takes advantage of the fact that most people do not change their SIM cards very often.
This is a sign that fraudulent transactions have been made using your credit card number, which indicates that criminals have gained access to your account and used it to make unauthorised purchases.
They might have obtained access to your account by first stealing your phone number and then making use of the information that was sent to that number in order to access your account.
How can you protect against sim swap fraud
Fortunately, there are steps you and your service providers can take to avoid becoming a victim of SIM swap fraud.
- Online behaviour: Be wary of phishing emails and other methods by which attackers may attempt to gain access to your personal data in order to convince your bank or cell phone carrier that they are you. Do not click on links in email messages from unknown senders. Also, keep in mind that your bank, cable provider, credit card company, or other service provider will not request personal or financial information via email.
- Account security: Increase the security of your cellphone’s account by using a unique, strong password as well as strong security questions and answers that only you know.
- PIN codes: If your phone service provider allows you to set a separate passcode or PIN for your communications, do so. It could add an extra layer of protection.
- IDs: Don’t base your security and identity authentication on your phone number alone. This includes non-encrypted text messaging (SMS).
- Authentication apps: You can use an authentication app like Google Authenticator to provide two-factor authentication that is tied to your physical device rather than your phone number.
- Alerts from your bank and mobile carrier: See if your banks and mobile carriers can collaborate by sharing their knowledge of SIM swap activity and implementing user alerts as well as additional checks when SIM cards are reissued, for example.
- Behavioral analysis technology: Banks can use technology that analyses customer behaviour to detect compromised devices and warn customers not to send SMS passwords.
- Call-backs: Some businesses contact customers to ensure that they are who they say they are — and to catch identity thieves.
One reason why a phone number may not be the best verifier of your identity is SIM swapping. It’s a weak authenticator. Adding layers of security could help keep your accounts — and your identity — safe.
Of course, SIM swapping is only one method of committing identity theft. If you’re worried about identity theft because of a misplaced driver’s licence or other form of identification, it’s a good idea to look into a reputable identity theft protection service like LifeLock Ultimate Plus.
