SIM Swap Fraud is a Growing Problem
July 19, 2017
There’s a new online banking risk out there. It’s called SIM swap fraud.
The U.S. Fair Trade Commission reports that there were 2,658 incidents of SIM swap identity fraud in January of last year.
“SIM swapping is a relatively new threat, but it has already claimed a number of victims. In 2016, Chris Sims (and yes, his name is a bit ironic in this context) had more than $1,500 stolen from his bank account in 75 minutes,” according to a Yahoo! Tech/Digital Trends article. “Sims says the fraudster called his bank, Halifax, impersonating Sims in order to have his online bank settings reset.”
In this kind of scenario, hackers acquire SIM cards for accounts for which they are not the account holders. That enables the hackers to gain access to the bank accounts, credit card numbers, and other information of the actual account holders.
Hackers are sometimes able to get these SIM cards by convincing cellular phone store representatives that they are the account holders, explains a recent Digital Trends posting. Finextra said SIM swap can also happen when a fraudster obtains a person’s banking information through phishing techniques or via an organized crime network, and then uses that to reactive the victim’s mobile number to a different SIM.
“As a result, all calls and texts to the victim’s number are routed to the fraudster’s phone, including one-time passwords for banking transactions,” writes Matt Hooper. “After receiving a one-time pin or password from a bank, the fraudster can then potentially access the customer’s bank account and transfer funds.”
In his Finextra blog, Hooper goes on to suggest that cellular companies may want to consider providing their agents with special training so they more easily recognize when someone is trying to impersonate a customer. He adds that banks and mobile operators can also improve their authentication processes to lessen SIM swap fraud and security breaches in general.
Article comments powered by