Sim swapping has become one of the best biggest forms of fraud attack in recent times. For uninitiated, a Sim swap fraud or scam is a type of account fraud, which uses the weakness in 2FA security where your mobile number is the second-factor. So, if you have used your phone number as a second-factor authentication or a recovery method for your account, fraudsters can take hold of your account by swapping your SIM. The most notable of such attacks happened to the micro-blogging site, Twitter’s co-founder Jack Dorsey. Mr. Dorsey’s account was hacked by swapping the SIM that was associated with his account. That shows that everyone is susceptible to this kind of attack. In this article, we are going to tell you all about the prevalent SIM swapping attacks and you can save yourself from being a victim.
SIM swapping is a type of scam that allows fraudsters to get hold of your phone number which in turn allows them to take over any social media accounts that’s linked with it. If you are unlucky, they can even use this trick to get into your bank accounts and that is a disaster that you don’t want to go through. If you are thinking, how can anyone get hold of your number, it’s easy.
Is It So Easy to Swap Numbers?
I get it. You are not sure that SIM swapping can happen to you there must be some form of customer protection in place. Well, you are not entirely wrong. SIM swapping is not supposed to be easy, however, fraudsters have become so apt at using a combination of social engineering and new methods like phishing, that it is no longer a long shot. Also, the disdain of mobile operators, especially in the US and Canada, in providing any form of a special check to protect their customers is not helping much.
That is some scary data. Not only they found that they can easily SIM swap, but they also found that only one correct answer was needed to swap the SIM, even in cases where they have given repeated wrong answers. It means, a fraudster can just keep guessing and when they get one answer right, your number is swapped. If that’s not apathy towards consumer security from carriers, then what is?
Now that you know SIM swapping is a serious threat to your online and financial privacy, let’s see what you can do to stop these attacks. There are several things that you can put in place so you are never a victim of SIM swapping frauds. You can also ensure that you don’t suffer any major problems, in case your SIM is swapped. And finally, we will take a look at the steps you can take in the worst-case scenario. So without further ado, let’s get started, shall we?
1. Use Carrier PIN Codes
Most US carriers allow users to set a PIN to their phone number. If your carriers support this feature, stop reading and set it up right now. This will stop SIM swaps from happening as the fraudster will be required to give the PIN to activate the process. Since only you have the PIN, they won’t be able to swap your SIM card. If you fear that you will forget the PIN, remember to use a good password manager (if you are not doing already so) and stick the PIN in the secure notes feature. This way, your PIN will be secure and available. Here are how you can do this.
Every major US mobile carrier has a detailed page on fighting SIM swapping. You can click on the links below t find the resources that will help you set up a PIN for your account.
For Indian Mobile Users
Indian mobile users don’t have to worry as much about the SIM swap attack as it’s not as easy to port a SIM number in India as it is in US. However, there’s always the chance that you lose your mobile or someone steals it. In such cases, anyone can use your SIM to get desired access to your account until you get it blocked. That’s why, one should consider setting up a SIM PIN. You can do it really easily regardless of your mobile service provider:
Android Users: Go to Security & Privacy -> More Settings -> Encryption and credentials -> Set SIM lock. Again use the above default PIN to open the setting and then reset it with your own PIN.
2. Don’t Fall for Phishing Scams
The first step in protecting yourself from SIM swapping is ensuring that you are not falling prey to a Phishing scam. A fishing scam is one of the oldest forms of scams. In this, you receive an email or a message from a fraudster impersonating as your mobile carrier or your bank or any such institute. Mostly the messages and emails either warn that you have been hacked and you need to change your account and password or that you have won some money or cash back and you need to enter some personal information to get the prize or refund.
Humans are social by nature and we love to share our views and thoughts with the world. There are several social media websites like Facebook, Instagram, Twitter, and more where we love to share with other users. However, remember, any information that you share online can be used against you. Seeing the state of information on Facebook and how easily our data is sold, it would be wise to not share overtly personal information. Remember, you only need to get one answer right to swap the SIM. Make sure you are not the one giving away the information.
One thing that I make sure to do is never use my phone number as 2FA security or account recovery methods. It still boggles my mind as to how a thing that is so easily shared can be used as a measure to protect our online privacy. Make sure to use third-party authentication apps like Google Authenticator (free – Android / iOS) as your 2FA security. I prefer Authy (free – Android/iOS) but you can use any app that you want.
If worst comes to pass and you are SIM swapped, you should take these steps immediately to minimize the effect of the attack.
US Carriers
Sprint: 1-888-211-4727 / 1-817-698-4199
AT&T: 1-800-331-0500
T-Mobile: 1-800-937-8997
Verizon: 1-800-922-0204
Indian Carriers
Vodafone: 111 – Vodafone customers / 9886098860 (Non-Vodafone customers)
Airtel: 198 – Airtel customers (check this link for non-Airtel customer care number)
BSNL: 9415024365
Reliance Jio: 1800 88 99999
Sprint: 1-888-211-4727 / 1-817-698-4199
AT&T: 1-800-331-0500
T-Mobile: 1-800-937-8997
Verizon: 1-800-922-0204
Vodafone: 111 – Vodafone customers / 9886098860 (Non-Vodafone customers)
Airtel: 198 – Airtel customers (check this link for non-Airtel customer care number)
BSNL: 9415024365
Reliance Jio: 1800 88 99999
