SIM what? Like the computer game? Not quite. This SIM is not as much fun, and might even be dangerous. Let’s take a look at the threat SIM swapping can pose to everyday cellphone users.
SIM swapping is a phrase that is used quite often in the news as of recent. But, many people have no idea what SIM swapping is, let alone what a SIM is. Before we dive into the realm of SIM swapping, let’s review what a SIM or a SIM card is.
To begin, a SIM card or subscriber identification module is an “integrated circuit that is intended to securely store the international mobile subscriber identity number and its related key, which are used to identify and authenticate subscribers on mobile telephony devices”. (According to Wikipedia)
To simplify the definition, a SIM card is basically what stores your unique cell phone number and identifies you to the provider. Your SIM card and number link you to your account, which then stores your PII (personally identifiable information).
A SIM card is necessary to the function of your phone and identity of your cellular account. When this is accessed by the wrong person, the result can be detrimental.
How does SIM swapping work?
By definition, SIM swapping is, “a form of identity theft in which an attacker convinces a cell phone carrier into switching a victim’s phone number to a new device.”
Continuing, this means that attackers target weak spots regarding login information. This could be a weak password that is easy to crack, or using the lack of 2FA to their advantage. They can then use the compromised information to trick the cell phone carrier into switching the number to another device.
Further, now that sending a text to a cell phone is a form of identification for many online accounts, the attacker will now have access to that after the SIM swapping attack.
This also allows them to access a plethora of personal account and information. For example, bank accounts, social media and other online platforms.
The goal of a SIM swapping attack is to switch your number to another device that the attacker is in possession of. Once your number is attached to their device, the can use cell phone verification texts for your accounts to steal your credit card and personal information.
How do I protect myself against SIM swapping?
Now that awareness has been brought to the threat of SIM swapping, here are a few tips on what users can do to prevent yourself from becoming a victim.
- Do not rely on cell phone verification for sensitive accounts like banking or medical logins
- Remove your phone number from accounts that don’t necessarily need one
- Avoid sharing PII information on social media
- Turn on two-factor authentication or multi-factor authentication to increase account security
- Set up a PIN for your cell phone account
- Regularly update passwords / use different passwords for different sites
All in all, to avoid falling victim to a SIM swapping attack, utilize the tips listed above. Going beyond the tips, take caution when you receive mysterious text messages asking for personal information. Finally, keep an eye on your online accounts. Regularly checking in helps to insure that unauthorized users are keeping out of your accounts, and your info is safe.
By Taylor Ritchey