SIM Swapping Scams Skyrocket | The FBI Says This Is How to Protect Yourself
Toggle Dark Mode
The FBI recently shared a public service announcement saying that scams related to SIM swapping have more than doubled in the last year.
According to the FBI Internet Crime Complaint Center, also known as IC3, from January 2018 to December 2020, there were 320 complaints related to SIM swapping incidents, which resulted in losses of approximately $12 million.
In 2021 alone, the IC3 received a total of 1,611 SIM swapping complaints with adjusted losses of more than $68 million.
In case you don’t know what SIM swapping is, this is a form of fraud where a person tries to transfer the phone number of a victim into a different subscriber identity module card, or SIM card for short.
With a SIM swapped, the criminal can use the victim’s phone number to receive phone calls and text messages – but the most dangerous part is that the criminal could possibly use this to access the victim’s online accounts.
Thanks to two-factor authentication, most platforms send a code to the user’s phone number so only they can access it (see above). If someone else gets that code, they could use it to enter any online platform to get a hold of someone’s personal data or even steal their money from bank/crypto accounts they may have.
How Are Criminals Using SIM Swapping?
According to the FBI, “the criminal actors primarily conduct SIM swap schemes using social engineering, insider threat, or phishing techniques.”
When it comes to social engineering, a criminal would impersonate the victim and ask the mobile carrier to switch the victim’s phone number into a new SIM card.
Criminals can also go directly to a mobile carrier employee and pay them off to conduct a SIM swap.
One of the most popular techniques criminals use is phishing to deceive employees, so they download malicious software to hack the mobile carrier system and do the SIM swaps.
How Can You Protect Yourself Against SIM Swapping?
Fortunately, the FBI also gives a few tips on how to protect yourself against these attacks. Granted, there’s no perfect way to protect yourself, but this will help you avoid becoming a target.
- Do not advertise information about financial assets, including ownership or investment of cryptocurrency, on social media websites and forums.
- Do not provide your mobile number account information over the phone to representatives who request your account password or pin. Verify the call by dialing the customer service line of your mobile carrier.
- Avoid posting personal information online, such as mobile phone number, address, or other personally-identifying information.
- Use a variety of unique passwords to access online accounts.
- Be aware of any changes in SMS-based connectivity.
- Use strong multi-factor authentication methods such as biometrics, physical security tokens, or standalone authentication applications to access online accounts.
- Do not store passwords, usernames, or other information for easy login on mobile device applications.
What Can You Do If You Think You’re a Victim?
Even if you suspect you’re a victim of SIM swapping, there are a few things the FBI suggests you do to avoid further damage. Keep in mind that you should act as fast as possible to sort this issue out.
- Contact your mobile carrier immediately to regain control of your phone number.
- Access your online accounts and change your passwords.
- Contact your financial institutions to place an alert on your accounts for suspicious login attempts and/or transactions.
- Report information concerning all suspicious activity to your local law enforcement agency or your local FBI field office (contact information can be found at www.fbi.gov/contact-us/field-offices.)
- Report the activity to the FBI’s Internet Crime Complaint Center at www.ic3.gov.