Most people have a smartphone today, using it as well to call and text, and to pay, to access their emails, social networks, etc. A fact that largely increases the risks of Sim Swapping. In this article, we explain what this fraud consists of, how to know if you are the victim, and what are the means to avoid it.
Sim Swapping: definition, operation and consequences?
The SIM card is a small removable smart card placed in a mobile phone. Each module is unique and associated with its user’s mobile account. It contains a wide variety of personal information, including contacts, text messages, operator, etc.
The SIM Swapping designates a hacking technique of accessing a person’s phone number as well as their SIM card data. In most cases, the fraudster contacts the mobile operator by pretending to be you, a user, and claims to have to activate a new SIM card, so transfer your phone number to this same new card. For example, he can excuse a flight, a new phone purchase or a loss of SIM.
To convince the operator to perform this operation, he will use personal information about you on the Internet or by other means (address, date of birth, etc.). If the operator’s customer service considers that it is you, it will reallocate your telephone number on the fraudster card. The latter can then reset all the passwords of your accounts, access your emails, your social media, your payment systems, etc. It can also control any two -fact factors transmitted to your phone via SMS.
Generally, the main objective of SIM Swapping is the usurpation of banking information for a financial gain. However, it sometimes happens that it is used in order to humiliate or publicly embarrass the person who is the victim, by pretending to be social networks. This was for example the case in 2019 of Jack Dorsey, CEO of Twitter, whose account was one day started to publish numerous offensive tweets. A very problematic attack on account with several million subscribers.
How do you know if you are the victim of a sim swapping?
Although the SIM Swapping is quite subtle, some signs can still put your ear in your ear. Here are some examples of situations that can indicate that you are the victim of this fraud:
- You no longer have a network; SMS and calls do not work.
- You are connected to WiFi and you notice requests to change account in your emails.
- Publications that you have not made appear on your social networks.
- Your bank accounts show payments and activities that you have not carried out.
- You can no longer access your personal accounts, because your identifiers no longer work.
- Your telephone operator tells you that your phone number or SIM card has been activated on another device.
If you think you have been the victim of Sim Swapping, the first thing to do is to contact your mobile operator immediately. You will then have to contact your bank as well as the other main organizations that may be affected.
The best ways to prevent Sim swapping
Without being able to protect yourself completely, a few gestures still make it possible to avoid this type of fraud:
- Reset PIN on your mobile account using a strong and unique code, known only to you. For the latter, do not use data such as your address, your birthday date, your social security number and other such information. Also, if you create identifiers or passwords for various accounts, avoid including your phone number.
- Use double authentication by favoring other means than sending SMS. It can for example be a device or an authentication application.
- Put your profiles online (Facebook, Twitter, Instagram, etc.) in private mode, or only accessible to friends, rather than public, because a lot of information can be collected without your knowledge if it is visible for everyone. << /li>
- Contact your mobile operator to find out if the latter offers solutions to protect its customers from SIM Swapping risks. For example, it is a question of sending a notification as soon as a card is re-emitted to your account.
Finally, always be careful when you receive emails or SMS that may seem suspect, for example phishing messages that can allow fraudsters to access your personal data. Do not click on any link or banner when you are online.