SIM swapping happens when a criminal gets a mobile carrier to reroute calls and texts from a target phone to another in their control. This can be done by bribing an insider (read about one case on ZDNet). It can also be done by using social engineering to convince a mobile carrier that the criminal is the rightful owner of the account.
Why Does SIM Swapping Matter?
The most recognizable use for SIM swapping is as a way around text-based multifactor authentication (MFA). With it, criminals can compromise any account secured by SMS-based MFA. The victim is left vulnerable to theft of money, identity, and control of synced online accounts.
What If It Happens To You?
The saving grace is that SIM swapping is quickly detectable. The swap renders the victim’s phone unable to text or call. So if your phone loses service for no apparent reason, contact your mobile phone carrier’s customer service line immediately. Let them know that you didn’t initiate the change.
How Can You Prevent Your SIM From Being Swapped?
- Don’t overshare and resist the phish. Criminals without an insider use personal information about you to convince your carrier that they are you. You can make this harder by limiting the amount of personal information you share publicly on social media platforms. You can also make it harder by keeping an eye out for phishing attempts. Remember, not every phishing attempt wants you to initiate a download.
- Enable MFA through a third-party application or security key whenever possible. These forms of MFA do not break down if someone has swapped your SIM. You can read a quick summary about the apps on our blog Choosing a Third Party Authenticator App.
- Change your PIN if you were part of the T-Mobile breach in August. One key piece of information exposed in the breach was the PIN number used to confirm a user’s identity before their employees would allow you to make changes on your account. If you are a T-Mobile user, sign up for free Account Takeover Protection. You can find more information directly from their site.
ABOUT FRONTLINE TECHNOLOGY LLC
Frontline Technology is one of the only ministry-focused IT companies that is led by pastors and ministry leaders. With over 20 years' experience serving organizations of all sizes, Frontline understands the unique needs, budgets, and technology challenges of nonprofits.
Technology is often perceived as complicated and expensive. Many nonprofits struggle to implement the technology solutions and security needed to drive their mission forward. Frontline Technology helps nonprofits overcome their technology challenges so they can stay focused on their mission.
For nonprofits of every type and size: We Keep IT Simple.
Frontline Technology is one of the only ministry-focused IT companies that is led by pastors and ministry leaders.