I just heard about a new scam that I want to make sure you’re aware of as well. It’s called the Sim Card Swapping scam. This is when someone decides to target you (who knows why – your status? your wealth? your position in your community?) and takes over your cell phone number. From there, they can take over your social media, gain access to your financial accounts accessed via your phone, and any number of any other nefarious acts.
How does this scam work?
The process is relatively simple. The scammer enters the physical store of your cell phone provider, or they call the toll-free number, pretending to be you. Then they provide a forged license or other personal information. The scammer will say they lost their phone. They say they already have a new phone; they just need your service provider to transfer all of the information from the “lost” phone onto the SIM card of the new phone.
…. and Boom! Just like that, they have access to all of your contacts, their phone numbers, affiliations, birthdays, and any personal information you have about each contact. They also have access to any apps you’ve allowed from your phone. Do you have the Dropbox app installed on your phone? Now they have access to all of those documents as well. How about Amazon? Does the Amazon app have your credit card information stored? Sounds like a fun shopping spree…
I called my local AT&T store in Boulder, where I’ve been a customer for years, and spoke with one of their floor representatives. When I asked him about the SIM card swapping scam, he wasn’t aware that it was a problem. He said that as long as you have a photo ID with the correct address, you should be able to gain access to your account. That didn’t give me a lot of confidence! I then asked him about the PIN that we set up a few years ago. He indicated that if an account has a PIN set up, they will ask the customer for that number in addition to verifying name, address, and photo. I then asked what the maximum number of digits were for the PIN which he said was six.
How to protect yourself from the SIM card swapping scam:
In all likelihood, the vast majority of the public won’t be targeted. But if you are known in the crypto-currency community, are wealthy, or have a high profile in your town I would recommend that you be extra vigilant. Regardless, I would recommend doing several things right away:
- First, enable 2FA or two-factor authentication. In the past, I’ve talked about two-factor authentication and why it is so important. Try not to use “text message” as an option to confirm your identity. Set it up so that they need to call a land-line with the code, or send the code to an email address that is not set up on your cell phone.
- Next, talk to your cell phone provider and make sure you have a PIN set up. Make sure it is a long as they will allow. (Note to self: Change AT&T PIN from four digits to six!)
- Then, log out of all of your Social Media accounts on your phone. Set it up so that you need to log in each time. Remember to log out every time! (This is something that Chris does. He has never downloaded the Facebook app to his phone. Instead, he accesses Facebook via Safari and logs in/logs out each and every time.)
Here are some articles to learn more about SIM card swapping:
Information about Geek For Hire, Inc.
Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PCs for the past eighteen years. Angie’s List and the BBB rate Geek For Hire very highly. You can find more on our website, or give us a call 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3 support) to the Denver / Boulder / Front Range area as well as remote service throughout North America.
We’ve been using Amazon Prime for the past few years. We like the free and fast shipping. With Prime, we have access to online streaming too. Prime is usually $119/year, but you can get a free 30-day trial by clicking on this link: Try Amazon Prime 30-Day Free Trial. As an Amazon Associate, we earn from qualifying purchases.