How to protect yourself against Sim-swapping scams with mobile phone fraud on the rise

Cyber ​​security experts are warning consumers to be vigilant amid the massive increase in Sim-swap scams.

Sim-swapping involves thieves cloning a mobile phone number and assigning it to a new Sim, through which they can access online banking accounts, messages and calls.

Scammers comb social media for phone numbers and personal information, including the names of pets or children, favorite sports teams, and dates of birth, to try to figure out passwords for accounts.

Sim swap reports rose 400 per cent between 2015 and 2020, while victims were cheated of £483,000 during the first six months of 2020 alone, with the total known amount in the scam exceeding £10m in the same year.

Dmitriy Bestuzhev, director of research and analysis at cybersecurity firm Kaspersky, has warned against sharing sensitive information, including bank account numbers or data, via the Meta WhatsApp-owned messaging app after its increased use to distribute phishing and ransomware scams.

“It is important to understand that WhatsApp is not a secure platform, although many people think it is. The best thing to do is not to share sensitive information,” he told the Spanish newspaper. El Pais.

WhatsApp has been contacted for comment.

David Emm, Principal Security Researcher at Kaspersky, said the growing popularity of mobile payments has led to cybercriminals using Sim-swap fraud to access two-factor authorization codes sent via mobile phone.

“Criminals obtain the victim’s personal information – bank details, address, etc. – through social networks or by obtaining stolen data,” he said. I.

“Then they use this to masquerade as a victim and request a SIM swap and change of personal information.”

He said that while consumers should be alert to the risk of Sim-swap fraud, mobile service providers and banks should also take steps to reduce the possibility of this happening.

more than technology

Networks must obtain appropriate authorization for Sim exchanges and other changes to the Services. This can include biometric checks to ensure that only account holders have access to the account (eg voice authorization).

“They should also alert customers by SMS if there is a Sim-swap request, as well as inform the banks when there is a swap request and the financial transactions are valid for 48 hours, as in Brazil and Mozambique.”

Action Fraud, the UK’s fraud and cybercrime reporting centre, advises against opening files or clicking on links sent from unknown sources, as well as creating complex passwords that do not include personal information that is easy to guess.

Losing the ability to make calls or send texts, receiving a notification alerting you to the fact that your phone number or SIM card has been activated elsewhere or realizing that you have been banned from the account are all warning signs of the Sim-swap scam, according to Natwest.

The bank warned, “Don’t respond to fake emails, texts or phone calls, these are ways scammers use to collect personal information about you.”

“If your phone suddenly stops working, notify both the bank and the mobile network.”

Former Twitter CEO Jack Dorsey and activist Jack Monroe are among the most prominent victims of the scam, after fraudsters seized their phones, Twitter profiles and bank accounts.

The best way to protect yourself from SIM swap fraud

  • Contact your network provider immediately if you receive messages stating that your Sim has been transferred or to request a PAC
  • Restrict who can see your social media profiles or avoid sharing the type of details that can be used in practice as passwords
  • Use two-factor authentication (2FA) apps to reset passwords instead of a mobile phone number

Leave a reply:

Your email address will not be published.