Crimeware

Hijacking Mobile Phones via SIM Cards

When your mobile phone suddenly goes dead, it could be that the signal dropped or the battery died, or it could be that criminals have taken over your mobile account by doing a “SIM swap.”

A Subscriber Identity Module (SIM) card is a small smartcard that is inserted into a device, such as a mobile phone. The SIM card contains details about your plan and features, and it allows you to connect to your carrier’s network. When criminals take control of your SIM card, they immediately get control of your mobile account. Your phone stops working and they can run up big bills buying new phones.

According to the Federal Trade Commission, SIM swap scams have become common in Europe and are increasing in the United States. Even an FTC employee became the victim of a SIM swap.

The Georgia Department of Law’s Consumer Protection Unit says that SIM swaps are a two-step process. First, the criminal needs to gather enough information to convince the carrier that they are the victim. They may purchase the data via online black markets, or obtain it through social engineering methods such as phishing emails. Then, they create a false document (such as a driver’s license) and go to a carrier’s retail store. The fraudster claims that they have lost their phone and need a replacement. They choose one or more new phones that are charged to the victim’s account. When the new phone is activated, the victim’s phone immediately stops working. The criminal then sells the phone(s) they charged to the victim.

In some cases, criminals take the scam further, using the new SIM card to receive text messages that allow them to access the victim’s bank accounts and more. Many password retrieval systems involve sending text messages to the account holder’s phone. When the criminal has the victim’s SIM card in a phone, they receive those text messages and can take control of the accounts.

The FTC recommends that you establish a password or PIN with your mobile carrier, to be required before changes can be made to your mobile account. They also say you should be alert for phishing attempts, protect your financial account information and watch your mobile and credit card bills for signs of fraudulent purchases. If your phone shows a message saying “emergency calls only” or “no network,” contact your carrier immediately to see if your account has been hijacked.

If you believe that you have become the victim of SIM swap fraud, you should immediately contact your wireless carrier, notify local police, and access the resources at IdentityTheft.gov to create a recovery plan.