Could a Thief Steal Your Phone Number? Here's How SIM Swap Scams Happen:
April 29, 2021
Do you enjoy high-tech thrillers like Mission Impossible? Whether you do or not, if someone stole your cell phone number, you could find yourself embroiled in a techno-drama of your own.
How would this happen, you ask? Cybercriminals are becoming adept at something called “SIM swapping.”
What is SIM swapping?
SIM swapping is a way for someone to steal your mobile phone number. It happens when a criminal tricks your cell phone provider into transferring your phone number to their SIM card (the small, plastic chip inside a mobile device that tells it which phone number to use).
How does a SIM swap attack work?
Once a thief has stolen your phone number, stealing your identity becomes relatively easy. This is because your number is likely tied to your bank, email and social media accounts. Fraudsters with your number could try logging into these accounts — and then intercept the confirmation codes that were supposed to be texted to your device! Once inside, the bad guys can drain your financial accounts, take out loans in your name and scrape your email contacts to scam friends and family.
Wait ... just how easily can my phone number be stolen?
To find out how easy it is to pull off a SIM swap scam, Princeton researchers recently tested five major U.S. cell phone providers. They were alarmingly successful, completing 39 fake SIM swaps in 50 attempts. What does this tell us? If someone sets their sights on your cell number, the odds are not in your favor.
What are the signs of SIM swap fraud?
If you notice any of these warning signs, you should contact your cell phone provider immediately:
- Getting locked out of your phone's online account. Contact your cell provider immediately if you suddenly find yourself locked out of your phone service's online account— a SIM swap may be the cause.
- No cell phone service, even with good reception. If your phone loses service or you cannot receive calls or texts when reception is clearly present, it's time to notify your provider.
- Phone service notifications for things you didn't do. Be alert for notifications of suspicious activities. Most cell providers will notify you when something out of the ordinary happens to your account.
If you suspect that you're a victim of a SIM swap scam, call your mobile carrier and let them know that you didn’t make changes to your account. You should also get in touch with your bank and check for transactions that aren’t yours. Subscribing to a reputable credit monitoring service is also advisable.
How to prevent SIM swapping:
Take these extra precautions to avoid falling victim to SIM swap fraud:
Lock your phone number with your service carrier.
Many carriers offer a "Number Lock" (or "Port Freeze") to protect your mobile number from an unauthorized transfer. Once a number is locked, it cannot be ported to another line or carrier unless you remove the lock — usually with a PIN number or by physically walking into the store. If your cell carrier allows a number lock, it’s a good idea to get the extra protection.
Limit the amount of personal information you share online.
Fraudsters will latch on to the smallest details in order convince your carrier that they are you. Avoid posting anywhere public your full name, address, phone number and birth date. Also, do not overshare details of your personal life on social media. Chances are, you've included some of these details in the online security questions used to verify your identity.
Don't fall for phishing emails, texts and calls.
Phishing messages are also a popular way for cybercriminals to get sensitive information. Criminals will often try to impersonate trusted institutions, relying on the assumption you won’t hesitate to answer their question or scrutinize their email. Your bank, the government and reputable health offices will never contact you out-of-the-blue and ask for your personal information. Hang up or delete the message, and instead contact the institution on your own.
Use strong passwords and security questions.
Use a strong password that is nearly impossible to guess, and contains 12 characters or more to protect your cell phone’s online account (and all of your online accounts, for that matter). Also, use identity questions that even close acquaintances couldn't guess.
Use Face/Touch ID authentication whenever possible.
Whenever possible, use mobile apps that support two-factor biometrics (Face/Touch ID). On the NWB Mobile App, for example, you can set up a fingerprint reader or facial recognition as a login requirement. Even thieves who have your phone number cannot duplicate your biometric information.
But perhaps most importantly, protect the financial well-being of you and your loved ones by partnering with a strong community-based bank like Northwestern Bank. Our employees live and work in Northwest Iowa, and we take pride in serving and protecting our community. If the unthinkable happens, our team of financial professionals is here to assist you in every way possible.
Was this article helpful?
We want to provide solutions that matter, when you need them most. Get the latest fraud and security updates by subscribing to our free newsletter. And if you have any further questions, contact us today.