Protecting your sensitive data seems to be more difficult than ever.
Massive data breaches like the one at Equifax that we learned about last year aren’t helping matters. Critical data like your Social Security number, name, phone number, date of birth and more was exposed in that breach.
Now, scammers are using stolen information to take control of victims’ smartphones.
How does a SIM card swap scam work?
You are probably familiar with the SIM card – that little chip that’s inserted in your cellphone to identify you within the cell network and assign you your phone number.
If your phone is lost or stolen, your cellphone provider will issue you a new SIM card to activate and use on your new phone. However, some devious criminals out there have found a way to rip you off using your own SIM card against you. Yikes!
Here’s how a SIM card swap scam works. With stolen personal information, the fraudster will contact the victim’s cellphone carrier and claim that their phone has been lost, damaged or stolen and they need to activate a new phone with a fresh SIM card.
If they successfully pass the carrier’s identity checks by answering the security questions, the old SIM card is deactivated and the SIM card in the criminal’s hands is activated. All of the victim’s calls and texts are now received on the criminal’s phone.
Once the victim’s SIM card is deactivated, their phone, of course, will stop working, usually with a “No Service” warning. This is the first warning flag you’ll have to watch out for.
The criminals then attempt to claim the victim’s online banking account, again using the personal information gathered, but this time, they will also use the victim’s phone number for two-factor authentication codes. With this crucial window of opportunity, they start changing profile settings then add and set up withdrawal accounts.
With these additional accounts set up, the criminals start draining the victim’s bank account. The banks will ask for confirmation via two-factor authentications via text messages to your phone number, which, unfortunately, is still under the criminal’s control. At this point, it’s game over.
Protection against this type of scam
The best way to avoid falling victim to a SIM card swap scam is to add a PIN code to your smartphone account. This will add a third layer of protection that the scammer won’t have access to.
Here’s how to set one up for each of the major U.S. carriers:
There are a few ways to set up your PIN code with Verizon. The easiest is to visit VZW.com/PIN and set up your PIN. You can also set one up by visiting a Verizon store or calling the company at 1-800-922-0204.
Having a PIN for your account is actually required by Sprint. To check on yours or update it, log in to your account and select My Sprint >> Profile >> Security Information. Once you’ve selected or updated your PIN click Save.
First, log in to your account. Then select View Profile >> Sign-in Info >> Wireless Passcode >> Manage Extra Security. This is where you will create your PIN.
T-Mobile makes it really easy to create a PIN. Simply dial 611 or 1-800-937-8997 on your phone. You can even create a longer PIN than the other carriers, up to six digits where the others are four digits.
Here’s another type of phone scam to watch out for, it’s called porting
The battle against cybercriminals is always evolving. That’s because when we catch on to their scams they change them up to find more victims. Which is why we’re always having to come up with more secure ways of protecting our critical information. Can you imagine the damage that could be done if a hacker is able to get access to sensitive data on your smartphone? Well, there’s a new scam going around that would do just that.