SIM swapping is a new kind of identity theft that can happen to you if your cell phone is your go-to device for checking your email, paying your bills, or posting to social media. Here’s how hackers carry out the scam: They’ll call your cell phone provider and tell them to put your SIM card into a new phone, which will make the scammer the new owner of your cell number. This is called SIM swapping. If the scammer is successful, they’ll now have your cell number and can use it to reset your online passwords. They can also bypass the additional security measures you have on financial accounts by calling a customer service representative directly from your cell phone. Even two-factor authentication can be thwarted by sending text to the compromised cell number. Thankfully, there are ways you can protect yourself from this scam.
How to protect yourself from SIM swapping
If you’re not sure about a call you receive regarding your bank, credit card, or cell phone service, call the company directly using the number on the back of your card or a business card. Don’t give out personal information like personal security codes and bank account numbers unless you made the call and know it is truly from your bank or credit card company.
Change two-factor authentication for any financial accounts or other services connected to your cell phone service. Consider utilizing other methods of two-factor authentication such as email, biometrics or authenticator apps such as Google Authenticator. This will give you an extra layer of protection on your accounts and password recovery.
Check your bank and credit card statements daily or weekly to look for unauthorized charges. Make sure you check your account activity and spend some time on these statements every now and then to keep an eye out for any unusual activity.
Turn on notifications. Most cell phone providers allow you to set up alerts on your account so you’ll know if there are suspicious charges or changes made to your account. Many financial institutions also offer the same protections.
Be cautious of unsolicited calls. There are legitimate companies that call you in order to verify information or offer a better service. But scammers are getting pretty savvy, so you might even get a phone call from someone claiming to be a representative from your cell phone provider—they’ll ask for personal information in order to “verify the account.” If you’re not sure about a call you receive, call the company directly.
Trust your instincts. If a request seems unusual to you, it probably is. If you ever feel uncomfortable with a phone call or email, contact the company directly to check if they’re legitimate.
Be wary of unsolicited emails. If you get an email asking you to click on a link, don’t do it! Just delete it immediately. If you need to log into your account, log in directly through the company’s website instead of following a link. If you don’t know the sender, treat it like junk mail and delete it.
The most important thing you can do is to be proactive and make sure that your accounts are protected. This way, if a scammer tries to impersonate you, they won’t get very far.