Surely you already
know what we are talking about! SIM swapping happens once you ask your existing
or new mobile operator for a new SIM card to transfer your cell number there.
While many people and
mobile clients do this for perfectly legitimate reasons, unfortunately,
cybercriminals do it too – albeit for much darker reasons.
Why do people do SIM swaps?
There are various
motivations that drive people to want -or have to- change their SIM. Suppose
your cell phone got damaged or, for one reason or another, you decided to buy a
new phone, but your old SIM card doesn't fit in this new device; Or maybe your
SIM card itself got damaged or you decided to change your mobile operator. mistress?
There are many reasons -legitimate- that encourage the exchange of SIMs on a
daily basis.
Thanks to SIM exchange
services and the portability of mobile numbers, today it is possible to keep
the same mobile number -with the same digits- for years, even decades. Luckily,
it is no longer necessary to alert everyone you know when you change your phone
or operator; just changing your SIM or transferring your number will suffice.
It is due to the above
that, if you think about it, the vast majority of your accounts (banking,
email, social networks and more) are linked or connected to your cell phone
number. In other words, the time when cell phones would only serve as a means
of communication to answer and make calls is a thing of the past!
Additionally, it is
highly likely that several of the previously mentioned accounts will improve
methods to reinforce the security of your data, such as -for example-
two-factor authentication, which is closely linked to the use of your mobile
device as means of verification.
And it is that,
without a doubt, security has played a very important role since the beginning
of our digital age. People spend an average of 24 hours online each week,
double what they did just 10 years ago. One in five adults even spend up to 40
hours a week surfing the web.
What is identity theft and why
should you care?
Now imagine that all
this exchange is done -in your name- by someone other than you. Cyber
criminals make a living knowing how to do this, and in fact, have been doing
it for years. However, for whatever reason, some companies still don't seem
interested in catching up on security to protect their customers from identity
theft.
Identity theft occurs
when an imposter gains access to your Personally Identifiable Information (PII)
and uses it for their personal benefit and exploitation. Most likely you have
already heard hundreds of scary stories about scammers taking advantage of SIM
swapping with malicious intent. More and more of these stories are coming from
ordinary people like you.
Not too long ago, this
was a concern reserved mostly for people with a lot of money in their accounts.
However, this situation has changed and now we can all fall prey to this type
of fraud. The reason? Scammers are diversifying the profiles of their victims
and thus mitigating the risk of being caught by taking over the accounts of
ordinary people, like you or me.
For example, did you
know that children are easy targets for identity thieves because they don't use
their own credit cards and probably won't notice any irregularities or identity
theft until they reach adulthood or come of age? ? That's how it is! Our
children are now in the crosshairs of many foreign friends. In less than 30
minutes, scammers can switch your SIM card and take over your accounts to
transfer your money and take away your life savings. But the worst thing is not
the lost money, what is really worrying is the theft of your identity. Can you
imagine having to be reported to Datacrédito or involved in a serious legal
accusation caused by third parties?
How can cyber scammers steal your
identity without you even noticing?
Here are the 3 main
steps involved in illegitimate SIM swapping:
●
Social Engineering: The art of tricking people
into providing sensitive information. The type of information these criminals
seek can vary, as can the methods they use to obtain that information; but it
all comes down to gaining access to your passwords and personal data. Scammers will
often follow your activity on social media and learn everything about you,
including your childhood neighborhood, the name of your first pet, and even who
your best friend was in school.
●
SIM Swapping – You may be wondering how
someone can access your SIM card, and the answer is: quite easily. Having
previously done extensive social engineering to collect all your information,
these criminals can simply call your mobile operator posing as you. After all,
they already know your full name, date of birth (remember all those Facebook
posts congratulating you on another year of life?), your pet's name, your
children's names, your address; and everything they need to make it seem that
-in effect- it is you on the phone. Some are even capable of bribing employees
within mobile operators in order to obtain a copy of your SIM card. And just
like that, you are no longer the sole owner of your mobile phone number. Every
unique PIN, every login, every verification and identification process can now
be seen by the impostor. In other words, just like that, you have been exposed
and none of your accounts remain safe after the event.
● Fraud: The last step in this process is to perform a fraudulent act. By receiving your unique PIN or any other verification method related to the mobile phone, the scammer can easily access your email and change your address. From then on, the possibilities of fraud are endless for whoever is now the owner and master of your identity within the digital universe. By this point, the scammer has already claimed victory.