SIM SWAPPING: WHAT IS IT AND HOW DOES THIS FRAUD WORK?
If we stop to think about what we fill the storage space of our smartphone with and what information we would be most afraid of losing, many users surely put their social networking applications before other things. However, not everyone is aware that there is something on our mobile phone that can be of great interest to criminals and that can turn data theft and identity theft into a theft of money from our bank account or cryptocurrency wallet.
SIM swapping phases
We must bear in mind that this technique is not the result of a security breach in our devices, but rather the lack of implementation of strict verification protocols when requesting a copy of our SIM card. In addition, this technique is used in conjunction with other social engineering techniques in order to obtain benefits, since what criminals are looking for in this case is toIn the first phase, the criminals try to obtain the user’s credentials; usually those related to online banking to maximize the economic benefit, although, as we will see later, this is not the only objective. The theft of credentials is usually carried out through traditional social engineering techniques, such as using fraudulent websites to which the user is redirected from a link sent in an email or through a fake mobile application that impersonates the identity of the entity. banking. Once the credentials are obtained, the criminals try to obtain a clone of the victim’s SIM in order to receive the verification codes by SMS (two-factor authentication). For that, cybercriminals take advantage of the poor identity verification measures that some operators usually request. After collecting the personal information of its victims, for example, through social networks, they make a call or physically go to a store of the telephone company responsible for the SIM they want to clone to request a duplicate card. It often happens that the Users realize that there is a problem when they stop having a signal on their phone . It is not uncommon to see that criminals do not put up too many barriers when it comes to obtaining this duplicate SIM and this is a serious problem. Once this duplicate is obtained, the criminals can enter the victim’s bank account, make transfers or even request credits in their name. When confirming the operation they will have no problem, since they receive the messages with the double authentication factor (2FA) in the cloned SIM.
Other attacks derived from SIM Swapping
Criminals are not just looking to access the bank accounts of their victims. Other valuable assets include cryptocurrency wallets or online service accounts such as; for example, those of Google. In the latter case, if cybercriminals have obtained the victim’s credentials, they can bypass 2FA by requesting a one-time code sent by SMS. Once they have accessed the account, they can have control of our email account, contacts, etc. The same can be said of access to other services, such as Facebook, Instagram, Tik Tok or similar; something that can ruin the online reputation of the victim and that criminals take advantage of to blackmail them. They could, for example, obtaining compromising photos and conversations and threatening to make them public unless payment of an amount is accepted. Nor should we forget about other applications that we usually use to make transfers and that also allow us to store money. A clear example would be PayPal, which also incorporates 2FA in the form of an SMS message and, in the event that criminals obtain the access credentials and a SIM clone, they could not only withdraw the saved funds, but also impersonate us to request money from our contacts.
Coping with SIM swapping
To fight against this threat, it would be necessary to completely rethink the identity verification procedure that many banking entities and online services still carry out. Unfortunately, it is not always possible to use the 2FA method that we want to use and this forces us to take more drastic measures. One of these measures would be to contact our operator and make sure that no cloning of our card is going to be carried out unless we request it in person at a store or office with a document that identifies us. In any case, for this measure to work, the operator must be able to strictly comply with our demands, which is quite difficult in some cases. As if that were not enough, there have been reports of cases in which criminals had the collaboration of employees of the mobile operator, making it more difficult to block this bad practice. Luckily, the security forces and bodies are aware of this technique and we see how from time to time they dismantle a gang dedicated to this type of crime. One of the most recent operations took place at the end of last week in Spain by the Civil Guard , and managed to arrest twelve people of different nationalities who would have obtained more than three million euros in profit. INFORMATION TAKEN FROM ” Josep Albors ”