The rise in SIM swapping incidents reported to the FBI has been alarming in recent years, with a significant increase in cases in 2021 compared to the previous three years combined. According to a new alert from the FBI’s Internet Crime Complaint Center (IC3), there were 320 complaints related to SIM swapping between January 2018 and December 2020, resulting in losses of approximately $12 million. However, in 2021 alone, the IC3 received 1611 SIM swapping complaints with losses exceeding $68 million.
SIM swapping typically involves fraudsters manipulating mobile carrier employees to transfer a victim’s mobile number to a SIM card in their possession. They may also use malware-laden phishing emails to gain access to carrier IT systems or bribe insiders at the phone company to carry out the swap. Once the SIM is swapped, the criminal gains access to the victim’s calls, texts, and other data, allowing them to hijack online accounts associated with the victim’s phone number.
This method is often used to target cryptocurrency accounts, as seen in the case of a Canadian teenager who stole $36.5 million from a US victim. To protect against SIM swapping attacks, the FBI advises users to avoid sharing personal information online and refrain from disclosing details about crypto and financial assets on social media.
Furthermore, individuals are encouraged to use strong multi-factor authentication methods that do not rely on SMS passcodes, such as biometrics and standalone authentication apps. Carriers are also urged to enhance internal security measures through improved staff training, better phishing detection, and enhanced customer authentication protocols.
By staying vigilant and implementing these security measures, individuals can reduce the risk of falling victim to SIM swapping scams and safeguard their online accounts and assets.