skout-blog

Cybersecurity Threat Advisory 007-20: SIM Swapping Fraud

Advisory Overview

There has been increase in targeted attacks using SIM Swapping as a method to gain access to victim’s private data such as banking information, credit card information, and personally identifiable information. We advise taking extra precautions to secure your accounts, such as adding a password/pin to your cell phone authentication procedures and using non-SMS based multi factor authentication. Additional recommendations are included below.

Technical detail and additional information

What is the threat?

A SIM Swap is when a malicious actor impersonates you to a phone carrier to switch the unsuspecting victims phone number over to a SIM card they own. This unauthorized change will divert all phone services to the new device the malicious actor then controls. The malicious actor could then make change to a victim accounts and confirm these changing with accounts utilizing SMS based authentication.

Why is this noteworthy?

SKOUT’s SOC has recently worked on an increasing number of incidents related to sim swapping. Security researchers at Princeton recently released a study on Sim Swapping with findings concluded that five of the United States major prepaid wireless phone carriers are vulnerable to SIM swapping attacks.

Signs of SIM Swapping Fraud

  • Cell Phone displays ‘No Service’ Message. The most notable sign that you may be a victim of sim swapping is that you will be unable to place phone calls and send text messages. This occurs once your phones SIM card has been deactivated.
  • Suspicious Account Activity Notification. Phone providers often send notifications when your Sim card has been activated on a new phone. If you did not authorize this transfer, contact your phone provider right away.
  • Accounts become Inaccessible. In the event that accounts become inaccessible and your cell displays no service, this indicates you are likely a victim or Sim Swapping.

What are the recommendations?

  • Set up a password/pin with your phone provider. Contact your phone provider and set up a password/pin that would be needed in order to authorized a sim card activation on a new phone.
  • Set up multifactor authentication. Non-SMS based Multi factor authentication should be used on all email, banking, and other important accounts. Two factors applications like Google authentication and Duo should be used.
  • Create strong passwords. Create strong passwords that include upper and lowercase letters, numbers and special characters. Be sure to change them every 90 days and avoid reusing them for multiple online accounts. Do not reuse old passwords.

Additional Recommendations:

  • Regularly review your bank statements for signs of suspicious activity.
  • Request your credit reports from the three major credit bureaus to look for suspicious credit activity on your file.
  • If you think someone is using your personal information to open accounts, file taxes, or make purchases, visit IdentityTheft.gov to report and recover from identity theft.
  • Additional Resources on Identity theft can be found at: https://www.consumer.ftc.gov/topics/identity-theft
  • Additional steps at https://www.identitytheft.gov/steps

References:

For more in-depth information about the recommendations, please visit the following links:

If you have any questions, please contact our Security Operations Center.