“SIM swap” scams stole $68 million in 2021 — here’s how to protect yourself
The FBI has issued a warning about the growing number of “SIM swap” scams that essentially steal someone’s cell phone number to hack into their personal data.
A “SIM swap” scam occurs when a criminal acquires a mobile phone’s SIM card (i.e. the memory card that identifies the owner of the phone and connects the device to the mobile network) from a unconscious victim to steal personal information such as “bank accounts, currency accounts, and other sensitive information,” according to the FBI’s public service announcement.
In many cases, the criminals will use phishing techniques to obtain the victim’s personal information, then use it to impersonate the victim to their mobile carrier, and subsequently tip the phone number of the victim on another SIM card.
““Once the SIM card is swapped, the victim’s calls, texts and other data are redirected to the criminal’s device.””
“Once the SIM card is swapped, the victim’s calls, texts and other data are diverted to the criminal’s device,” the FBI explains in its public service announcement. “This access allows criminals to send ‘Forgot Password’ or ‘Account Recovery’ requests to the victim’s email address and other online accounts associated with the victim’s mobile phone number. the victim.”
The FBI received 320 complaints related to SIM swapping incidents between January 2018 and December 2020, and the adjusted losses amounted to $12 million.
And the problem is getting worse. In 2021 alone, the FBI received 1,611 SIM swapping complaints, with adjusted losses totaling over $68 million.
So what can you do to protect your phone and personal information from SIM card swapping schemes? That’s what the FBI recommends.
How to protect yourself from SIM swapping scams
-
Do not post information about your financial assets, including cryptocurrency ownership or investment, on websites and social media forums.
-
Do not share your mobile number account information over the phone with representatives who ask for your account password or PIN. Instead, verify the call by dialing your mobile carrier’s customer service line.
-
Avoid posting personal information online, such as your cell phone number, address, or other personally identifying information.
-
Use a variation of one-time passwords to access online accounts.
-
Be aware of any changes in SMS connectivity.
-
Use strong multifactor authentication methods, such as biometrics, physical security tokens, or standalone authenticator apps to access online accounts.
-
Do not store passwords, usernames or other information for easy login on mobile device apps.
If you think you have been the victim of a SIM card swap:
-
Contact your mobile carrier immediately to regain control of your phone number.
-
Access your online accounts and change your passwords.
-
Contact your financial institutions to place an alert on your accounts in the event of connection attempts and/or suspicious transactions.
-
Report information about suspicious activity to your local law enforcement agency or local FBI office (contact information can be found at www.fbi.gov/contact-us/field-offices.)
-
Report the activity to the FBI’s Internet Crime Complaint Center at www.ic3.gov.