With the number of SIM swapping attacks on the rise, we take a look at what SIM swapping is, the dangers and how we can protect employees.
What is SIM swapping?
With the continual rise of mobile phone usage, cybercriminals are targeting devices. Attackers gain control of your mobile phone number through a malicious attack to get access to your personal information, calls and texts.
The attack is typically carried out by impersonating the phone owner or hacking the system via a phishing attack. SIM swapping is particularly dangerous because the person that takes control of the SIM takes on the identity of the original SIM owner and can send messages and make phone calls that appear to be from the original owner.
SIM swapping is also referred to as SIM splitting, sim hijacking and simjacking.
What are the dangers of SIM swapping?
Once the hacker has obtained your personal details they find out who your mobile phone provider is and contact them, pretending that they have lost their SIM card. Using your information they ask the customer service representative to activate a new card, which the hacker has. After this process has been completed, the cybercriminal has transferred your phone number to the new phone.
Now the fraudster has control of the mobile phone number they can receive texts with two-factor authentication codes. The codes can then be used to access personal and financial accounts and perform identity theft.
If you think that you’ve been a victim of SIM swap fraud, it’s important to ring your service provider immediately so they can deactivate your SIM card. Next you should contact your bank and credit card companies to check whether the cybercriminal has committed any fraudulent transactions on your accounts.
It’s also important to inform Action Fraud and Trading Standards so they can deal with the case and log it correctly. Make sure you warn family, friends and neighbours of suspicious activity to prevent them from becoming victims too.
How to protect employees
While SIM swapping is a threat faced by everybody, there are ways to protect yourself and your employees.
Hold regular training sessions to teach people the signs of SIM swap fraud, including:
- Any suspicious social media activity
- Being unable to make calls or send texts
- A notification of unexpected phone or account activity
- Being unable to access your bank or credit card accounts
Ensure employees keep their phone number and personal data secure by following these steps:
- Set unique, strong passwords on all devices: a strong password with letters, numbers and special characters is much harder for hackers to guess, which will keep your information safe.
- Use PIN codes: a PIN adds additional protection and means the attacker will need it before they can commit identity theft.
- Set up physical barriers: facial recognition and fingerprint access are another way to add extra barriers to prevent hackers from accessing your phone and data.
- Download an authentication app such as Google Authenticator: these apps act as an extra layer of security which is tied to a physical device rather than a mobile phone number.
- Use the call back service to check the identity of the person calling you: use the phone number on your account statement or on the company’s website to ring back and check whether the call was genuine.
- Limit the amount of personal information that you share online: don’t share information such as your date of birth and favourite band as this is the type of information that hackers will use to try and access your accounts.
- Be aware of phishing emails: emails that try to gain sensitive information could be used to carry out a SIM swap.
- Set bank and mobile carrier alerts: keep track of your money and receive alerts on any suspicious activity.
- Keep your device software up to date: out of date software is more prone to cyber-crimes.
- Choose random answers to security questions: for example, your place of birth could be purple.
Stay ahead of the latest cybercrime threats
SIM swapping has the potential to affect every single person who owns a mobile phone. It’s extremely important to protect our phone numbers because they are linked to our online identities.
Our experts can help keep your employees and data safe when using modern technology. Start putting the right policies and security measures in place for your business. Get in touch today.