Since the advent of fast Internet networks like 3G and 4G on smartphones and an array of apps that have changed the way people text each other, we increasingly tend to ignore the paradigm of messaging services — SMS.
Most of us don’t even bother to check SMS notifications as it is mostly spam. However, this habit can be hazardous. A scam called SIM card swapping is on the rise, which includes identity theft and fraud, and anyone can fall prey to it.
How does SIM card swapping work?
Scammers send phishing emails to their targets, getting as much SIM-specific information as they can without giving the plot away.
Unfortunately, a significant number of people can’t differentiate between an actual email and a phishing scam. As a result, thousands of working adults fall prey to phishers.
Malicious agents can get further information by perusing their victim’s social media or from illegal data dumps commonly found on the Dark Web. Any information can be used to impersonate the victim convincingly.
Once attackers have all the necessary information, they approach the cellphone provider, requesting the activation of a number in their possession. If the attacker can answer the security questions, they can proceed without arousing suspicion.
Sometimes, an attacker may not even need to go to such extents. Given the regularity of such attacks, some speculate that SIM switching can be an inside job.
After gaining unfettered access to a phone, the attackers try to maximise their gains in the short period before the exploit is discovered.
They can read bank messages and access net banking accounts. An attacker with the necessary details can be free to use their victim’s credit cards and e-wallets.
At the very least, the attacker can rack up a sizeable end-of-the-month bill. There has been a collective loss of over 200 crores to these scams.
How to protect yourself?
It is difficult to detect a SIM swapping fraud before it happens. As it is a relatively new and complicated form of fraud, banks are still scrambling for a way to prevent it from happening.
In such tumultuous times, it is best to take every precaution possible, some of which are listed below:
- If your phone is out of the network for a strangely long time, inform your network provider immediately.
- Check your SMS messages regularly to ensure that there is nothing out of the ordinary.
- Use encrypted messaging services instead of SMS to exchange messages that contain sensitive information. Then, if you fall prey to such an attack, at least the damage will be minimal.
- For obvious reasons, avoid sharing personal details on social media as much as possible.
Some banks have already begun taking preventive action against SIM swapping attacks. They have implemented two-factor authentication for net banking. In addition, some institutions call customers to verify the change in SIM cards.
Though these measures help to prevent and mitigate SIM swapping attacks, it’s best to stay vigilant.