If you access a website and have forgotten the password, there is usually a link labeled ‘Forgot Your Password’ or similar and if you click the link they will send you a password reset request by email. You click the reset request in the email message and reset your password.
Now, if scammers can get hold of such an email message, then they can reset your password and lock you out of your own account and you will have great difficulty getting your account back.
This situation is becoming more dangerous as many people and businesses rely on mobile phones for proof of identity. e.g. your bank may send you security numbers to type into your account to prove your ID but if scammers can access your phone and read your messages, they are in control.
The SIM Card Swap
Unless you have leave sufficient information openly online for scammers to break your password, then their usual approach is called social engineering.
This means to take advantage of people’s trust. So they will research your information online and use what they find to convince a mobile phone shop worker (or customer service worker) to cancel your current SIM card (I lost it) and activate a new one.
They will then have access to your messages, contacts list etc.
Then they try to access your bank account and shopping accounts.
Prevention
To be safe, you need to limit the amount of personal information that is available about you online. Anything you make public can be read by criminal’s intent on defrauding you or stealing your identity.
Text messages are very useful, but remember that they are not encrypted and can potentially be read by anyone.
You can use APPS that encrypt the data such as iMessage, WhatsApp, Signal, etc. for anything that must be kept private.
If there is any suspicious activity on your account or you receive suspicious calls, then contact your bank or phone company.
Do leave a comment on this post – click on the post title then scroll down to leave your comment.