How dependent are you on your smartphone? Do you keep your banking and trading logins and passwords stored on your phone? Do you love to download the latest app? In today’s electronic world, it is difficult to answer “no” to any of these questions, but the criminal element in our society is counting on you to trust your phone and to be totally unwary of just how vulnerable you truly are. Would you believe that a CEO of a crypto startup had $1 million stolen from two crypto wallets, all due to the latest fraud to hit the streets – SIM Swap Fraud? Yes, it is true, and you need to protect yourself now!
But first, a definition of SIM Swapping: “SIM Swap fraud (also known as Port-Out scam, SIM hijacking, or SIM splitting) is a type of account takeover fraud that generally targets a weakness in two-factor authentication and two-step verification, where the second factor or step is an SMS or a call placed to a mobile telephone. The fraud exploits a mobile phone operator’s ability to seamlessly port a telephone number to a new SIM. This feature is normally used where a customer has lost or had their phone stolen.”
According to law enforcement officials, SIM swapping is a new way of stealing money, but this type of fraud has been around for five years. It originated in England, but it has spread across the globe. Crooks have targeted Silicon Valley executives in California, and there have been a rash of instances across India, the UK, and the EU. The sad part about this kind of fraud is that you may already be in a criminal’s crosshairs. Organized crime has an enormous amount of personal data from previous database compromises, and they are just now discovering clever ways, like SIM swapping, to monetize that data.
Malware installed on your computer or phone may have already reported back keystroke information for access to your financial accounts. Crooks have especially focused upon crypto wallets, since they can disappear with their loot within the anonymity provided by the very blockchain technology that supports cryptocurrency systems. Once targeted and prepared, the fraudster need only convince a telecom store employee that your phone has been stolen, easy to do when he has your ID info. Using social-engineering techniques, the crook can also select a designated SIM card for your phone number, thereby giving him control of your text messages and other security measures.
How will you know?
Your phone will go dead. At that point, the rush is on for the crook to transfer funds and disappear.
How can you protect yourself?
First, change your existing PIN and passcodes for a start. Avoid suspicious emails or links to websites that could possibly install malware on your devices.
Lastly, check directly with your carrier. They may have instituted new protective protocols that can address the problem at the source.