No, this isn’t swapping stories about your favorite Sim’s game. This article is talking about a cyber-attack where a bad person transfers your cellphone number to their cellphone.

What is a SIM?

It stands for “Subscriber Identity Module." The easiest way to think of a SIM is an electronic identity for your cellphone number. It can only be associated with one device at a time. When you are paying your cellphone provider, you’re paying them to associate the SIM to your cellphone and no other device.

Why do bad people swap the SIM?

There are multiple reasons that they might want to do so. The most common reasons are:

• Gain access to SMS/Text Message based MFA codes

• Utilize it for other nefarious purposes without the phone number being associated to them.

How are they able to swap the SIM?

If you have ever changed cellphones, you have swapped a SIM before, whether it was a physical or eSIM card. Most modern phones now utilize eSIM so that you no longer have to have a physical card to move around or lose.

When you upgrade a phone with your current carrier, they already have all the information for your new phone and the SIM card information. However, if you have bought a phone outside of the carrier and wanted to switch to it, you likely had to provide some extra information about the phone to your carrier.

The bad people perform what is called Open-Source Intelligence (OSINT), which is just a fancy way of saying, they look through your social media and any other publicly available information about you. They use this information to then answer the security questions most carriers allow you to configure.

Think about it, have you ever posted about your birthday, pets, visited locations, special occasions, trips, those “questionnaires” that let people know about your childhood, etc. on social media?

All of those kinds of things are a treasure trove to the bad person.

They will call into your carrier’s support team to request transferring the SIM to their phone under the guise that they are you with a new phone. The carrier’s support team will ask some challenge questions such as asking your mother’s maiden name, the city where you grew up, favorite pet, childhood nickname, etc.

Since the attacker has all that information from your social media or other locations, they can easily answer the questions correctly. After which, the support staff will gather the required information about the device and start the transfer process.

Once it is done, the bad person will then login to whatever application they have your credentials for that need a SMS (Text message) MFA code. Since they now have your phone number on their cell phone, they will receive the code and be able to login.

How do I know if I have fallen victim?

The general rule of thumb to know if you have been SIM swapped is that your device will no longer connect to your carrier’s network. For example, if you are in an area that has known good cell coverage, but you can’t place calls, send texts, or use mobile data, chances are that you have been a victim of a SIM swap. There are caveats like if you are at a concert or other venue where there are a lot of people using their cellphones, which can cause disruptions due to congestion on the cellphone tower.

What can you do to protect yourself?

As mentioned in the previous MFA Post, utilize stronger MFA methods such as a generator app or physical device. The app-based one does not follow your phone number. When you switch to a new device, you would have to migrate the application per its recommended method. The physical one would require the hardware device to be stolen from your possession, which would be unlikely.

Another way to help prevent this is to contact your carrier and setup a PIN or passcode with them, that isn’t easily guessable (i.e. no birthdays/anniversaries/etc.). This PIN or passcode would have to be provided alongside answering the security questions before any changes can be made to the account.

While you are working with your carrier, setup account change alerts to your email or another friend/family member. This will alert you that something changed. If you or someone else on your carrier’s plan did not initiate the change, you can act quickly.

Conclusion

SIM swapping is a serious threat, but by taking proactive steps, you can protect yourself from becoming a victim. Stay vigilant and keep your personal information secure.

As always, feel free to comment below. Keep them civil and on-topic.