Browse Definitions :
Definition

SIM swap attack (SIM intercept attack)

A SIM swap attack, also known as a SIM intercept attack, is a form of identity theft in which an attacker convinces a cell phone carrier into switching a victim’s phone number to a new device in order to gain access to bank accounts, credit card numbers and other sensitive information. Relatively new and on the rise, SIM swap attacks are increasing in popularity due to the growing dependence on cell phone-based authentication methods.

Cell phone SIM cards are used to store information about its user and communicate with the Global System for Mobile communication (GSM). Without a SIM card, devices cannot be registered to an account, network or subscription. By compromising the SIM, this introduces a type of attack that does not affect the programming of the device at all, but rather disables it remotely without the victim’s knowledge.

The first step in a SIM swap attack is for the hacker to phish for as much information about the victim as possible. Through fraud emails, phone calls or social media accounts, hackers trick victims into revealing personal information such as legal names, birthdates, phone numbers and addresses that may be tied to account security.

After the attacker has collected enough information to fake the victim’s identity, they will call the cell phone provider to claim the original SIM card has been compromised and that they would like to activate a new one in their possession to the same account. Using the personal data previously collected, attackers can usually answer security questions without raising alarm and complete the transaction.

Once this is complete, the attacker has access to all of the victim’s text messages, phone calls and accounts that may be linked to the phone number. Since a large amount of banking, email and social media accounts can be retrieved or reset with mobile authentication, SIM swap attacks leave massive amounts of information vulnerable. If not caught early on, the attacker could potentially open new bank accounts to transfer funds in the victim’s name or lock the victim out of all accounts.

How to identify a SIM swap attack

The tell tale sign of a SIM swap attack is the discontinuation of sending or receiving text messages and calls to a device. Once the attacker has successfully redirected a phone number, the victim’s device will practically void its communication capabilities.

Cell phone users can also contact the provider to inquire if a SIM activation has been requested. Certain mobile carriers will also send an email confirmation of the SIM swap, verifying that this was made by the account holder.

How to prevent a SIM swap attack

Users can help protect cellular devices from SIM swap attacks in the following ways:

  • Avoid relying on SMS for primary communication as the data is not encrypted
  • Keep personal information utilized for protecting accounts private
  • Verify the types of alerts set up for each account to identify false logon attempts
  • Utilize the offer from every major US cell phone provider to set up an account PIN or passcode separate from the number
  • Enable two-factor authentication (2FA) for social media, credit card and bank accounts
  • Download authenticator apps, such as Google Authenticator and Authy, to link the physical cellular device
  • Remove cell phone numbers from accounts that do not require one
This was last updated in September 2018

Continue Reading About SIM swap attack (SIM intercept attack)

SearchCompliance
  • risk reporting

    Risk reporting is a method of identifying risks tied to or potentially impacting an organization's business processes.

  • risk profile

    A risk profile is a quantitative analysis of the types of threats an organization, asset, project or individual faces.

  • risk appetite

    Risk appetite is the amount of risk an organization is willing to take in pursuit of objectives it deems have value.

SearchSecurity
SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • fault-tolerant

    Fault-tolerant technology is a capability of a computer system, electronic system or network to deliver uninterrupted service, ...

  • synchronous replication

    Synchronous replication is the process of copying data over a storage area network, local area network or wide area network so ...

SearchStorage
  • cloud archive

    A cloud archive is storage as a service for long-term data retention.

  • cache

    A cache -- pronounced CASH -- is hardware or software that is used to store something, usually data, temporarily in a computing ...

  • archive

    An archive is a collection of data moved to a repository for long-term retention, to keep separate for compliance reasons or for ...

Close