SIM Card Swapping; What It Is and How To Avoid It
On February 8, 2022, the Federal Bureau of Investigation published a public service announcement about the malicious criminal act of SIM card swapping – a process that has resulted in more than $68 million in lost assets during 2021, a 467% increase in stolen assets compared to the past two years. The scheme works as follows; first, a criminal actor gains access to a victim’s phone account through a wireless carrier, possibly through victim impersonation at a physical store or via phone, paying off an employee at the wireless company, utilizing phishing techniques to trick employees into downloading malware onto the company systems that carry out sim card swaps, or through other means. Once a criminal actor has successfully swapped SIM cards, they have access to the victim’s calls, texts, and data. This includes password recovery and security that operate with SMS based two-factor authentication, and thus, criminal actors reset account passwords to gain control of cryptocurrency wallets, and can transfer the funds to themselves.
While SIM swaps can be devastating to victims, the victim may have recourse. Victims of SIM swaps may be able to bring claims against cryptocurrency exchanges and cellular providers for cryptocurrency theft and loss, depending on the circumstances.
If you have a question about SIM swaps, contact Michael Haeberle at firstname.lastname@example.org.