Browse Definitions :
Definition

SIM swap attack (SIM intercept attack)

A SIM swap attack, also known as a SIM intercept attack, is a form of identity theft in which an attacker convinces a cell phone carrier into switching a victim’s phone number to a new device in order to gain access to bank accounts, credit card numbers and other sensitive information. Relatively new and on the rise, SIM swap attacks are increasing in popularity due to the growing dependence on cell phone-based authentication methods.

Cell phone SIM cards are used to store information about its user and communicate with the Global System for Mobile communication (GSM). Without a SIM card, devices cannot be registered to an account, network or subscription. By compromising the SIM, this introduces a type of attack that does not affect the programming of the device at all, but rather disables it remotely without the victim’s knowledge.

The first step in a SIM swap attack is for the hacker to phish for as much information about the victim as possible. Through fraud emails, phone calls or social media accounts, hackers trick victims into revealing personal information such as legal names, birthdates, phone numbers and addresses that may be tied to account security.

After the attacker has collected enough information to fake the victim’s identity, they will call the cell phone provider to claim the original SIM card has been compromised and that they would like to activate a new one in their possession to the same account. Using the personal data previously collected, attackers can usually answer security questions without raising alarm and complete the transaction.

Once this is complete, the attacker has access to all of the victim’s text messages, phone calls and accounts that may be linked to the phone number. Since a large amount of banking, email and social media accounts can be retrieved or reset with mobile authentication, SIM swap attacks leave massive amounts of information vulnerable. If not caught early on, the attacker could potentially open new bank accounts to transfer funds in the victim’s name or lock the victim out of all accounts.

How to identify a SIM swap attack

The tell tale sign of a SIM swap attack is the discontinuation of sending or receiving text messages and calls to a device. Once the attacker has successfully redirected a phone number, the victim’s device will practically void its communication capabilities.

Cell phone users can also contact the provider to inquire if a SIM activation has been requested. Certain mobile carriers will also send an email confirmation of the SIM swap, verifying that this was made by the account holder.

How to prevent a SIM swap attack

Users can help protect cellular devices from SIM swap attacks in the following ways:

  • Avoid relying on SMS for primary communication as the data is not encrypted
  • Keep personal information utilized for protecting accounts private
  • Verify the types of alerts set up for each account to identify false logon attempts
  • Utilize the offer from every major US cell phone provider to set up an account PIN or passcode separate from the number
  • Enable two-factor authentication (2FA) for social media, credit card and bank accounts
  • Download authenticator apps, such as Google Authenticator and Authy, to link the physical cellular device
  • Remove cell phone numbers from accounts that do not require one
This was last updated in September 2018

Continue Reading About SIM swap attack (SIM intercept attack)

SearchCompliance
  • OPSEC (operations security)

    OPSEC (operations security) is a security and risk management process and strategy that classifies information, then determines ...

  • smart contract

    A smart contract is a decentralized application that executes business logic in response to events.

  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

SearchSecurity
  • What is cybersecurity?

    Cybersecurity is the protection of internet-connected systems such as hardware, software and data from cyberthreats.

  • private key

    A private key, also known as a secret key, is a variable in cryptography that is used with an algorithm to encrypt and decrypt ...

  • DOS (disk operating system)

    A DOS, or disk operating system, is an operating system that runs from a disk drive. The term can also refer to a particular ...

SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • change control

    Change control is a systematic approach to managing all changes made to a product or system.

  • disaster recovery (DR)

    Disaster recovery (DR) is an organization's ability to respond to and recover from an event that affects business operations.

SearchStorage
  • RAM (Random Access Memory)

    RAM (Random Access Memory) is the hardware in a computing device where the operating system (OS), application programs and data ...

  • RAID 6

    RAID 6, also known as double-parity RAID, uses two parity stripes on each disk. It allows for two disk failures within the RAID ...

  • NOR flash memory

    NOR flash memory is one of two types of non-volatile storage technologies.

Close