Personal data-stealing cyberattacks are on the rise. While most people are aware of phishing attacks, very few are aware of the dangers of SIM swapping, which occurs when cybercriminals obtain a duplicate of a victim’s mobile SIM card. They can then circumvent the two-step verification process that protects services like your banking app by using a duplicate SIM. The problem is so serious that the FBI issued a warning about SIM swapping, and in response, Check Point® Software Technologies Ltd., a global provider of cybersecurity solutions, has compiled three simple tips to avoid becoming a victim.
“Cybercriminals are always looking for new ways to steal your data to achieve their goals. It’s important that people are able to spot the signs of an attack. If you’re not aware of these tell-tale clues, you’re putting yourself at higher risk and are more likely to suffer more serious consequences. This could mean having your bank account emptied or you could fall victim to identity theft which would enable the criminal to buy goods and services over the internet in your name,” warns Ram Narayanan, Country Manager at Check Point Software Technologies, Middle East.
What is SIM swapping?
When a cybercriminal obtains a duplicate of your SIM card, SIM swapping occurs. However, in order to do so, they will need access to your personal information, such as your ID, phone number, and full name, which they can obtain through phishing techniques. They can then contact your mobile operator and impersonate you over the phone, the internet, or even in person.
Once the duplicate SIM is obtained, the cybercriminal only needs to insert the card into a device to gain access to all of the victim’s account information and data, including call logs and message history. From then on, s/he has complete control, and it is simple to access your banking app and steal your money by transferring it to another account. Although this would necessitate the use of a verification code, keep in mind that the attacker has access to your mobile line and can simply copy and paste the code that was intended for you.
How to stay safe:
1. Be careful with personal data: this is the information that cybercriminals need to duplicate your SIM. This is why it’s so important to be careful about the websites you visit. Make sure the site in question is official and that it has all the various security measures in place, such as an encrypted connection. Look out for the padlock symbol in the address bar, which shows that it has a valid security certificate, and that the URL begins with httpS://, if it does not include the final -S://, it could be a risky page.
2. Be aware of phishing: you need to know the tell-tale signs of a phishing attack to prevent them from gaining access to your personal data. Look out for emails and text messages with spelling mistakes even if you know the sender. Pay close attention to the domain name to make sure it’s genuine. The same applies to strange-looking links or attachments. Often, these types of details are signs of a phishing attack.
3. Look out for loss of signal: one easy and sure-fire way to find out that there is a duplicate SIM card, is that you will completely lose your mobile signal. This is because you will now have a phone with a SIM card that has no access to a mobile network. As a result, you will no longer be able to make or receive calls and texts. If this
happens, you need to contact the authorities and your mobile operator so that they can deactivate the SIM and start the process of recovering your data.