For cyber criminals and fraudsters, exploiting security leaks and other ways of stealing someone else’s identity is a lucrative business. As a result, they’re constantly coming up with new methods to gain access to other people’s accounts and misuse them.
Phishing attempts via phone call, email or post are well-known, but there’s now a new scam to be wary of: SIM swapping. In the UK, London’s Metropolitan Police have a dedicated guide for protecting yourself, following lots of reports about its threat.
What is SIM swapping?
SIM swapping is a scam that criminals use to hijack victims’ mobile phone numbers and assume their identity.
First, they order a new eSIM card in the victim’s name. In some cases, the victim’s name and mobile phone number are sufficient for this. According to the police, these can fall into the hands of the fraudsters through prior research or phishing emails.
The new eSIM can then be activated and used digitally, usually by activating a code via text message that the fraudsters send to their victims. To conceal the fact that a new SIM card is being activated, the fraudsters pass the code off as a parcel notification or similar.
Once the SIM has been activated, the perpetrators can use it on their own smartphone and thus block the victim’s phone number. This is then used for further fraudulent activities, such as phishing or accessing accounts.
How dangerous is SIM swapping?
The SIM swapping process appears to be quite complicated. It is therefore rare for the scam to work in the end. Compared to other kinds of scam, the number of cases appears to be relatively low.
Nevertheless, if the attempt is successful and goes unnoticed for too long, it’s difficult for those affected to regain access to their phone number. In addition, many verification procedures are linked to SMS, so attackers can quickly gain access to accounts.
How to protect yourself against SIM swapping
Police have issued the following tips to protect yourself against SIM swapping:
- Do not give out any personal data, such as your name or mobile phone number
- Install antivirus programmes and monitoring apps on your smartphone that show you the permissions of other apps (e.g. access to the phone book) – many operating systems do this automatically
- Do not download files from unsafe sources
- Do not install online banking apps on the same device which you receive the mobile Transaction Authentication Number (TAN) for authenticating purchases
- Pay close attention to the sender when you receive a confirmation code by text message
If you think you’ve become a victim of SIM swapping fraud, inform your mobile phone provider immediately and file a criminal complaint.
Related articles
This article originally appeared on our sister publication PC-WELT and was translated and adapted from German.