SIM Swap

What is a SIM Swap?

A SIM Swap combines elements of a cyber attack with old-fashioned fraud. In a SIM Swap, a bad actor convinces a mobile carrier to port someone’s real, in-use phone number over to a SIM card the bad actor controls, giving the bad actor control over the number. The number is then used for Account Takeover Attacks: the bad actor takes advantage of two-factor authentication/two-step verification codes sent to that number to gain access to accounts, leading to financial or other theft.

How to Recognize This Threat: The SIM Swap attack typically begins with intelligence gathering, possibly through information uncovered in a breach or a directed social engineering campaign. The bad actor uses details learned about a target to aid in convincing the mobile provider that a number belongs to them. In other cases, the attacker may simply bribe a phone company employee to execute the switch. In any case, a victim will immediately lose access to the number, meaning all incoming calls or texts go directly to the bad actor.

How to Prevent This Threat: Good online hygiene always helps, but in this case it’s also useful to set a PIN with your mobile provider to make it tougher for anyone else to gain access to the account. Additionally, go beyond basic two-factor authentication with a strong multifactor authentication solution. As an additional layer of protection, consider separating some of your most sensitive (or valuable) accounts from your main phone number. Finally, react quickly if phone access is lost by contacting the mobile carrier.