For cybercriminals and fraudsters, exploiting security holes and other means to steal others’ identities is a lucrative business. As a result, they are constantly inventing new methods to access and misuse other people’s accounts.
Phishing attempts via phone, email or post are well known, but now there is a new scam to be wary of: SIM swapping. In the UK, the London Metropolitan Police has put together a dedicated guide to protect yourself, following numerous reports of this threat.
What is SIM swap?
SIM swapping is a scam used by criminals to hijack victims’ cell phone numbers and steal their identities.
First, they order a new eSIM card in the victim’s name. In some cases, the victim’s name and mobile phone number are enough for this. According to the police, this information can fall into the hands of fraudsters through preliminary research or phishing emails.
The new eSIM can then be activated and used digitally, usually by activating a code via SMS that fraudsters send to their victims. To disguise the fact that a new SIM is being activated, fraudsters pass the code off as a package notification or similar.
Once the SIM card is activated, criminals can use it on their own smartphone and thus block the victim’s phone number. This number is then used f or other fraudulent activities, such as phishing or accessing accounts.
How dangerous is SIM swapping?
The SIM swapping process seems quite complicated. Therefore, it is rare for the scam to ultimately succeed. Compared to other types of scams, the number of cases seems relatively low.
However, if the attempt is successful and remains unnoticed for too long, it is difficult for those affected to regain access to their phone number. In addition, many verification procedures are linked to SMS, which allows attackers to quickly access accounts.
How to protect yourself against SIM card changes
The police have issued the following tips to protect yourself against SIM swapping:
- Do not disclose any personal information, such as your name or mobile phone number.
- Install antivirus programs and monitoring apps on your smartphone that show you the permissions of other apps (e.g. phone book access) – many operating systems do this automatically
- Do not download files from untrusted sources
- Do not install online banking apps on the same device where you receive the mobile transaction authentication number (TAN) to authenticate purchases.
- Pay close attention to the sender when you receive a confirmation code via SMS.
If you believe you have been the victim of SIM swap fraud, immediately notify your mobile operator and file a criminal complaint.
Related articles
This article was originally published in our sister publication PC-WELT and has been translated and adapted from German.
Table of Contents