SIM-Swap Definition
SIM-Swap, also known as SIM-jacking, refers to a type of identity theft where a fraudster manipulates a victim’s mobile phone carrier into porting the victim’s phone number to a SIM card controlled by the fraudster. Once successful, the perpetrator gains control over the victim’s mobile communications, including phone calls, text messages, and two-factor authentication codes sent via SMS.
SIM-Swap Key Points
- SIM-swap is a form of identity theft where criminals gain illegal access to victims’ phone numbers and associated accounts.
- The fraud often involves manipulating telecom providers to transfer the target’s phone number to a new SIM card.
- This type of fraud is relatively easy to perform but has severe consequences, particularly in relation to financial and digital assets.
- Victims often remain unaware of a SIM-swap until it’s too late, making prevention and timely response crucial.
What is SIM-Swap?
As a form of telecom fraud, SIM-swap takes advantage of the vulnerability in two-factor authentication and verification. These security measures often rely on text messages or calls, which can be redirected to the fraudster’s device once they have successfully performed the SIM-swap.
Who performs SIM-Swap?
Cyber criminals or fraudsters primarily carry out SIM-swap scams. Typically, they are individuals or groups with a sound understanding of telecom infrastructure, who exploit this knowledge to carry out the fraud.
Where does SIM-Swap occur?
SIM-swap can occur anywhere globally due to the universal use of mobile phone technology and telecommunication services. The scammer does not require physical proximity to the victim to successfully execute the fraud.
Why is SIM-Swap done?
In most instances, SIM-swapping is done with malicious intent. The goal is to gain access to sensitive information and accounts. This may include email, social media, and banking accounts, or even cryptocurrency wallets. Cybercriminals can then proceed to steal funds, personal data, or impersonate the victim.
How is SIM-Swap perpetrated?
Fraudsters usually start by gathering personal information about the victim, such as their full name, address, date of birth, and some details about their mobile carrier. They then contact the target’s telecom provider and pose as the account holder, or an employee of the carrier, convincing the provider to transfer the victim’s number to a new SIM card under their control. Once the phone number is transferred, the fraudster can receive all incoming calls, text messages, and importantly, two-factor authentication codes.