All the Things You Need to Know about Sim Swap Hack
The sim card, that small plastic chip tailored to fit into the phone’s sim card reader, plays the role of notifying one’s cellular device on which cellular network to connect to. It also informs the network provider on which phone number a user will be utilizing.
Due to the nature of mobile cellular devices, they are usually prone to be lost. This necessitates switching all these details to a new subscriber identity module (sim) card, increasing ties between one’s phone number and their online identity. Therefore, one must get to terms with what this fraudulent scheme is all about.
Sim Swap Hack
A sim swap hack occurs when someone manages to convince a victim’s network provider to switch their phone number to their sim card. By doing so, they get to carry out identity theft to enable them to commit various crimes.
How It’s Done
It may sound difficult to many, but these hackers know just what to do or say. It starts with them calling your carrier. A talk of having lost or changed a user’s phone, coupled with a few correct answers like your birthdate, which they may have fished from a mail, may do the trick.
They may even call their victims prior, pretending to be the same network providers, and asking for such details, also called social engineering. The customer service operator gets to believe they are the sim owner, and that’s it; the phone number is ported to their sim card.
Thanks to a diversion of the victim’s messages, the hacker gets to complete the SMS-based two-factor authentication (2FA), the first security to one’s most private accounts. That’s if the user even had one in the first place. If not, the victim’s services will be duped using one’s phone number to part with all your passwords.
The Hackers’ aim
If it’s an insecure spouse wishing to track one’s incoming messages, then the victim may have dodged a huge financial bullet. But most times, it surely is not.
The hacker has a plethora of things to do that will take one back economically tremendously. Users are always advised to use different pins and passwords for a reason, and the hackers may have the easiest time in the world accessing all of one’s assets. They drain a victim’s bank account, access one’s private keys, and take all crypto assets.
And that’s not everything. They may delete all of the victim’s emails and social media accounts for the fun of it. Accessing one’s darkest secrets for future blackmail is on the table. Even reaching out to one’s family and friends to add to their loot is still within reach.
The fraudsters know quite well that attempting all these during the day will rattle their victims’ thanks to a string of notifications on their cellular devices. So what best step to take? Do it at night, when the user is sound asleep. Many people have gone to sleep quite well off, only to wake up as poor as a church mouse.
Ellis Pinsky, an 18-year-old high school student, faced a lawsuit in May 2020 alongside 20 others for a major sim swap scam. $23.8million were swindled from Michael Terpin, the founder and CEO of Transform group.
This scam against the founder of the world’s leading blockchain communications company happened when the accused was just 15years old. Mr. Terpin, in turn, sued his carrier, AT&T, for $223.8million, 10 times the swindled figure.
Another non-crypto incident is when an Instagram hack on Selena Gomez resulted in the posting of fellow top musician Justin Bieber’s nude photos.
How to Prevent The Hack
As has been seen, it is quite easy for a sim swap hack to be carried out. Luckily, there are some measures one can employ to lessen their susceptibility to these hacks.
Getting A More Secure 2FA
The SMS-based 2FA, while a security measure, is very easy to bypass. One should utilize more secure 2FAs. App-based ones do the trick quite fine.
Omitting One’s Phone Number From Their Online Activities
It usually sounds a lot more convenient to attach phone numbers to online accounts. Some even perceive the number of several digits number as a good password. That’s a big no-no. It is akin to handing to pirates keys to a treasure chest.
A hacker with a phone number tied to their victim’s online account can also bypass any 2FA. This negates the first protective measure.
Utilizing Pins And Passcodes
Many service providers usually give a pin or passcode option on one’s accounts. It is wise to use them. That extra layer of security may go a long way.
The pins and passcodes should also be unique for every account, more so for sensitive ones to make things tougher for hackers.
Separating Sensitive Accounts From Other Online Activities
When a hacker hits, one’s bank accounts, crypto savings holders, mobile money accounts, and key social media identities are the very first thing in mind. It pays to keep them apart from other accounts and online identities. It is even better if they have a separate secret phone and sim.
No one wants to wake up one day with all their savings gone and online data defaced or deleted. It is therefore very wise to take up these preventive measures discussed above. All these steps may reduce one’s susceptibility to sim swap hacks, but hackers are always going out of their way to find new ways to bypass them.
Vigilance is also advised. If messages suddenly stop going through or notifications regarding one’s sim being a disabled pop-up, a hack is happening. Acting immediately to stop the hack in its tracks might prevent huge losses or humiliations.