If you have a prepaid or post-paid wireless phone, law enforcement officials warn you could become a victim of the so-call “SIM swap” scam. You could not only lose your phone number but money as well.
What makes this fraud particularly scary is the fact that the scammer can steal your phone without ever touching it.
CTIA, a wireless industry trade group, says a criminal only needs to gather some personally identifying information about the victim – things like name, physical address, email address, and mobile phone number. Unfortunately, much of that information is available on the internet.
“Once the fraudster has this information, they may call your wireless provider and pretend to be you in order to transfer your phone number to a new SIM card and device,” the group warns.
A SIM card is a small memory card that fits into a mobile phone. It contains all the information about the mobile account, including the telephone number. Once a thief successfully transfers the phone number to a new device, the victim’s phone goes dead and the fraudster has access to a host of sensitive information.
A victim’s story
A report by WHBQ-TV in Memphis told the story of a local resident who said she contacted Cricket Wireless after getting a text about changes to her account. After that, her phone went dead.
Upon investigation, she discovered that another name had been added to her mobile phone account. After that, she learned that someone had taken $3,500 from her bank account. Days later, she found that someone had opened new credit cards in her name.
“I understand, if I lost my phone, but they just took the number right out of the phone, like through the air,” the victim, identified only as Jenna, told the station.
How to protect yourself
According to CTIA, there are some ways that mobile phone users can protect themselves. For starters, consumers should establish a PIN on the account that is required for account access. Just like passwords, PINS should not be based on other identifiers, such as birthdays and anniversaries.
Downloading the mobile provider’s mobile app can help consumers stay up to date on security updates and alerts. If you stop receiving any calls or texts, and you don’t know why, contact your wireless provider immediately. Even if you don’t use your mobile device often, you should check regularly for provider and account alerts.
Limit sharing your phone number in situations where it might be widely posted or distributed.
Follow your provider’s security advisories and leverage tools such as multi-factor authentication.
Finally, keep personally identifying information – no matter how seemingly insignificant – off of social media. Beware of pretexting or “phishing” attempts.
If you receive a call, email or text message asking you for your social security number or a portion of your social security number, your bank account number, your driver’s license number, or other identifiers or financial details, do not provide them even if the call, email, or text appears to be from a trusted entity. Instead, contact the trusted entity separately and directly.