A type of account takeover fraud that depends on phone-based authentication like two-factor authentication and two-step verification, SIM swapping is taking centre stage.
FREMONT, CA: According to recent research done by Princeton University has revealed that the five major US wireless carriers- AT&T, T-Mobile, Verizon, Tracfone, and US Mobile are prone to SIM swap scams. These attacks can jeopardize personal details and the bank accounts of the customers by extracting phone numbers from these carrier providers. The hackers also utilize the Remote Desktop Protocol (RDP) software to launch SIM swapping attacks. A study was done by the researchers in 2019 also indicates that SIM swap fraud is increasing at a large scale, especially in developing countries like Africa and Latin America. SIM –swap attackers make way for criminals to get access to the targets email and bank account, cryptocurrency wallet, social media, and many more.
SIM swap scam is a fraud which happens when the scammers take advantage of a weakness in two-factor authentication and verification in which the second step is to send a message or call in the mobile phone number of the victim. Generally, a simple SIM-card swapping works when the scammers call a mobile carrier, pretending to be the actual owner and claiming to have lost or damaged their SIM card. After this, they convince the customer service representative to activate a new SIM card in the imposter’s possession. This allows the imposters to port the targets phone number to their device, which contains a different SIM.
Gaining access and control over the victims’ phone number, imposters can go to the phone communications with banks and other organizations and can access any code or reset the password of the victims’ accounts. They also gain control over the target’s social media profiles and collect a variety of information, which they can use as they see fit.
Spotting SIM swapping is not an easy task but is essential. The first sign is when messages and calls are not going through the phone, and there is a possibility that the fraudsters have deactivated the SIM and are using the phone number. Even when the login credential doesn’t work for your bank accounts, the bank and other organizations have to be immediately contacted. Lastly, when the phone provider calls you and notifies that your phone number has been activated on another device; immediate actions have to be taken to avoid any grave damage.
See Also:- Top Enterprise Security Solution Companies