SIM cards are necessary to operate most modern mobile devices. SIM stands for “subscriber identity module”. As anyone who’s had trouble with their SIM card can tell you, this tiny piece of tech is majorly important. It connects the user to their network, and therefore their data. Among the data linked to your SIM is one of your most valuable pieces of personally identifying information: your phone number.
A new type of social engineering attack called SIM swapping is becoming more commonHacked employees are a danger to your company’s data, so it is important to know what to look out for and keep your team up to date on best practices in mobile cybersecurity. Read on for all the details of how you can protect your network from SIM swapping scams.
SIM Swapping Defined
SIM swapping occurs when a criminal contacts the phone company and convinces the employee that they are the owner of the phone and need a transfer to a new device due to damage or it being lost.
The scammer will ask the cell phone provider to activate a new SIM card connected to your phone number on a new phone that they now own. If the scammer is successful, they will receive all of your texts, phone calls, and data.
In some circumstances, the scam occurs on the inside, where employees of the phone company help make the switch, making them part of the scam.
What Happens When You Are SIM Swapped?
Once the scammer gains control of your phone number, they can receive your text messages. With access to your texts, this can allow criminals to log into your other accounts and receive verification codes needed to log in. This occurs if text messages are used as a form of multi-factor authentication.
With this information, scammers could log into bank accounts to steal money, or take over social media and email accounts. There is also a chance they could lock you out of an account completely by changing the password.
Protecting Yourself from SIM Swapping
Protect your device and data from SIM swapping with these tips from ThrottleNet’s IT security pros.
- Do not reply to text messages or phone calls that request personal information.
These texts or calls could be phishing attempts by scammers looking to get your cellular, bank, or credit card account information. Instead, contact the company directly through a phone number or website you know is legitimate if you receive a suspicious text message or phone call.
- Limit the amount of personal information you post on social media platforms.
Avoid posting your full name, address, or phone number. Posting this information can make it easier for scammers to steal your identity.
- Set up a PIN or passcode on your cellular account.
Creating a PIN or passcode can act as an added layer of protection, which is another piece of information a scammer would need to obtain prior to stealing your identity. PINs or passcodes can also help protect an account from any unauthorized changes.Since setting up a PIN/passcode differs depending on the cell phone company, be sure to contact your provider to see what steps to take to do so.
- Use an authentication application or security key.
A newer way to authenticate your identity online is by using security keys. Security keys are small USB-powered devices that work like an actual key to your accounts by inserting them into your computer when logging in. Some security keys work with both computers and mobile devices.
What To Do If You Become A Victim of SIM Swapping
If you’re the target of a SIM swap scam, there are three important steps you should follow to help mitigate the damage and re-secure your information.
- Contact your cell phone provider immediately to take back control of your phone number.
- Once you regain access, change your account passwords to prevent any other issues.
- Check bank, credit card and other accounts for unauthorized changes and charges, and report them to your company.