News

‘SIM swap’ schemes are on the rise. Here’s how to protect yourself


The FBI is issuing a warning about a new scam that's costing victims millions of dollars.A news release from the FBI alerts mobile carriers and the public about an increase in Subscriber Identity Module (SIM) swapping, in which criminals steal money from virtual currency accounts.SIM swapping may not be what you think it is. It doesn't mean a cybercriminal has to physically take your SIM card, the memory chips that make your phone yours, according to McAfee, a global computer security software company.SIM swapping is now happening remotely when scammers can access and use your personal information to impersonate you and convince the mobile carrier of your phone to reassign your phone number to a new SIM card. That's when scammers can gain control of your phone data, change your passwords and access your accounts.Between January 2018 and December 2020, the FBI said its Internet Crime Complaint Center received 320 complaints related to SIM swapping incidents that resulted in losses of $12 million.In 2021, the center received 1,611 SIM swapping complaints about losses of $68 million.SIM swapping targets mobile carriers to access victims' bank accounts, virtual currency accounts and other sensitive information through a few techniques.Scammers sometimes use social engineering to impersonate the victim and trick the mobile carrier to switch the victim's mobile number to a SIM card in the scammer's possession. They may also conduct SIM swap schemes to pay off mobile carrier employees to switch a victim's mobile number to a SIM card in their possession. Scammers can also use phishing techniques to deceive employees to download malware that is then used to hack the mobile carrier system to carry out the SIM swap.Once a scammer swaps the SIM, the victim's calls, texts and other data are downloaded to the scammer's device, which allows them to use "forgot password" or "account recovery" options with the victim's accounts associated with their email and phone number. SIM swaps can even outsmart two-factor authentication, where mobile app providers send a link or one-time passcode through text to a victim's phone number. SIM swapping allows scammers access despite this process to log in, reset passwords and gain control of the victims' accounts.In its news release, the FBI provided some advice to avoid SIM swapping scams: • Don't advertise information about your financial assets, including ownership or investment in cryptocurrency, on social media.• Don't provide mobile number account information over the phone, including your account password and pin. Verify the call by dialing the customer service line of your mobile phone carrier.• Try to avoid posting your mobile phone number, address and other personal information online.• Use different passwords for your online accounts.• Use strong multi-factor authentication methods like biometrics, physical security tokens or standalone authentication applications to access your online accounts.• Don't store passwords, usernames or login information on mobile device apps.If you think you're the victim of SIM swapping, you should contact your mobile carrier immediately to regain control of your phone number. You should also access your online accounts, change your passwords and contact your bank to place an alert on your accounts for any suspicious login attempts or transactions. The FBI recommends reporting any information about suspicious account activity to local law enforcement, your local FBI field office or the FBI's Internet Crime Complaint Center.

The FBI is issuing a warning about a new scam that's costing victims millions of dollars.

A news release from the FBI alerts mobile carriers and the public about an increase in Subscriber Identity Module (SIM) swapping, in which criminals steal money from virtual currency accounts.

SIM swapping may not be what you think it is. It doesn't mean a cybercriminal has to physically take your SIM card, the memory chips that make your phone yours, according to McAfee, a global computer security software company.

SIM swapping is now happening remotely when scammers can access and use your personal information to impersonate you and convince the mobile carrier of your phone to reassign your phone number to a new SIM card. That's when scammers can gain control of your phone data, change your passwords and access your accounts.

Between January 2018 and December 2020, the FBI said its Internet Crime Complaint Center received 320 complaints related to SIM swapping incidents that resulted in losses of $12 million.

In 2021, the center received 1,611 SIM swapping complaints about losses of $68 million.

SIM swapping targets mobile carriers to access victims' bank accounts, virtual currency accounts and other sensitive information through a few techniques.

Scammers sometimes use social engineering to impersonate the victim and trick the mobile carrier to switch the victim's mobile number to a SIM card in the scammer's possession.

They may also conduct SIM swap schemes to pay off mobile carrier employees to switch a victim's mobile number to a SIM card in their possession.

Scammers can also use phishing techniques to deceive employees to download malware that is then used to hack the mobile carrier system to carry out the SIM swap.

Once a scammer swaps the SIM, the victim's calls, texts and other data are downloaded to the scammer's device, which allows them to use "forgot password" or "account recovery" options with the victim's accounts associated with their email and phone number.

SIM swaps can even outsmart two-factor authentication, where mobile app providers send a link or one-time passcode through text to a victim's phone number. SIM swapping allows scammers access despite this process to log in, reset passwords and gain control of the victims' accounts.

In its news release, the FBI provided some advice to avoid SIM swapping scams:

• Don't advertise information about your financial assets, including ownership or investment in cryptocurrency, on social media.

• Don't provide mobile number account information over the phone, including your account password and pin. Verify the call by dialing the customer service line of your mobile phone carrier.

• Try to avoid posting your mobile phone number, address and other personal information online.

• Use different passwords for your online accounts.

• Use strong multi-factor authentication methods like biometrics, physical security tokens or standalone authentication applications to access your online accounts.

• Don't store passwords, usernames or login information on mobile device apps.

If you think you're the victim of SIM swapping, you should contact your mobile carrier immediately to regain control of your phone number. You should also access your online accounts, change your passwords and contact your bank to place an alert on your accounts for any suspicious login attempts or transactions.

The FBI recommends reporting any information about suspicious account activity to local law enforcement, your local FBI field office or the FBI's Internet Crime Complaint Center.


Source link

Show More

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button