The SIM Swap Scam

If you access a website and have forgotten the password, there is usually a link labelled ‘Forgot Your Password’ or similar and if you click the link they will send you a password reset request by email.  You click the button in the email message and reset your password.

Now, if scammers can get hold of such an email message, then they can reset your password and lock you out of your own account and you will have great difficulty getting your account back.

This situation is becoming more dangerous as many people and businesses rely on mobile phones for proof of identity. e.g. your bank may send you security numbers to type into your account to prove your ID but if scammers can access your phone and read your messages, they are in control.

The SIM Card Swap

Unless you have leave sufficient information openly online for scammers to break your password, then their usual approach is called social engineering.

This means to take advantage of people’s trust. So they will research your information online and use what they find to convince a mobile phone shop worker (or customer service worker) to cancel your current SIM card (I lost it) and activate a new one.

They will then have access to your messages, contacts list etc.

Then they try to access your bank account and shopping accounts.

Prevention

To be safe, you need to limit the amount of personal information that is available about you online. Anything you make public can be read by criminals intent on defrauding you or stealing your identity.

Text messages are very useful but remember that they are not encrypted and can potentially be read by anyone.

You can use APPS that encrypt data such as iMessage, WhatsApp, Signal, etc. for anything that must be kept private.

If there is any suspicious activity on your account or you receive suspicious calls, then contact your bank or phone company.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature