Notebookcheck Logo

CheckMag | Port-out hijacking: A how-to for keeping you safe from SIM card swap attacks

Social engineering: Perpetrators employ devious methods to gain access to your personal data. (Image source: Bermix Studio on Unsplash)
Social engineering: Perpetrators employ devious methods to gain access to your personal data. (Image source: Bermix Studio on Unsplash)
So many people rely on mobile devices of all stripes to keep their data secure. Let’s look at why this is not such a good idea - and the options available to fight back.

Imagine a world in which you go about your daily activities on your phone, checking your latest emails, reading your favourite articles, whether it’s on Notebookcheck or your local newspaper, but then you suddenly realize that you haven’t received texts or even phone calls since yesterday. Odd, you think. But you carry on, thinking nothing of it.

Suddenly, you get a notification from your banking app. $200 has just been sent to a person you don’t recognize. Another $500, this time it's an Amazon purchase. Oh no, someone must have gained access to your bank account. You try to call your bank. The call doesn’t connect. In a panic, you run to the bank.

On your way out the door, more messages pop up on your mobile phone. Someone logged into your email, your Steam Account and your X Account. Things are getting serious.

At the bank, after talking to their security consultant, you learn that someone has gotten access to your banking app by using 2-factor authentication. But how is this possible? Simple, he informs you; you have fallen victim to one of the rarer forms of identity theft in which someone convinces your mobile service provider to transfer your mobile phone number to a new SIM card. Now they receive those 2-factor authentication codes, just as you used to be able to do, thus giving the threat actors access to nearly all your accounts.

While some countries have regulations in place already preventing things like this, others either are in the process of introducing legislation, or simply do not have any measures in place for protecting the consumer. Even if you are familiar with security protocols and you stay ahead of the curve when it comes to these sorts of things, you can still be a victim.

In the United States alone, reports of crimes such as this has grown well over 300% in the last 5 years alone. Here are a few tips to help safeguard you, but as with any social engineering attack, the best practice is to always be sceptical when it comes to protecting your personal data:

  • Avoid sharing details about your financial assets, including cryptocurrency investments, on social media and forums.
  • Never disclose your mobile account information, password, or PIN over the phone to unsolicited callers. Verify the legitimacy of the call by contacting your mobile carrier’s customer service directly.
  • Refrain from posting personal information, such as your mobile phone number or address, online.
  • Use unique and strong passwords for online accounts.
  • Stay alert to any unusual texts.
  • Implement robust multi-factor authentication methods, such as biometrics, physical security tokens, or standalone authentication apps, to secure online accounts.
  • Avoid storing passwords, usernames, or other login information in mobile applications.
  • Avoid using public Wi-Fi for accessing sensitive information or conducting financial transactions. Use a virtual private network (VPN) that you trust if necessary.

As always, it’s important to ask questions when you are not sure about something. Under no circumstances should you remain in the dark when it comes to the security of your personal data. If needed, get a professional to provide you with advice and feedback on how you can improve your security. Failing to do so can cost you a lot of money as well as your credibility and reputation.

If you suspect you fell victim to a SIM swap attack, get in contact with the relevant authorities immediately to block your SIM card as well as related apps and services. If you notice something unusual happening with your bank account, report the fraud to your bank immediately to prevent further losses while they investigate the matter.

Image source: Kenny Eliason on Unsplash
Image source: Kenny Eliason on Unsplash

Source(s)

Read all 2 comments / answer
static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2024 07 > Port-out hijacking: A how-to for keeping you safe from SIM card swap attacks
Jonathan Bester, 2024-07-15 (Update: 2024-07-15)