If your cell phone is your contact for checking your email, paying your bills, or posting on social media, you're not alone. Imagine your cell phone suddenly stops working: no data, no text messages, no calls. Then imagine that you receive an unexpected notification from x anabolics, your mobile operator, that your SIM card has been activated on a new device. What's happening? This may be a sign that a fraudster has swapped a SIM card to hijack your cell phone number.
How can fraudsters swap SIM cards like this? You can call your wireless service provider and your phone has been lost or damaged. Then ask the provider to activate a new SIM card that is connected to your phone number on a new phone ̵
The Risks: ] The fraudster who is now in control of your number can open new cell phone accounts on your behalf or buy new phones with your information. Or you can log into your accounts that use text messaging as a form of multi-factor authentication. How? Because they will receive a text message with the verification code they need to log in.
Multi-factor authentication (MFA) provides additional account protection by requiring two or more credentials to log in. You will need a second credential to verify your identity. That could be what you have – like a passcode that you get via SMS, security key or authentication app. Or something you are – like a scan of your fingerprint, retina, or face.
Using your credentials, the scammer could log into your bank account and steal your money, or take over your email or social media accounts. And they could change the passwords and lock you out of your accounts.
You can do the following to protect yourself from a SIM card swap:
- Do not answer calls, emails, or text messages that request personal information. These can be phishing attempts by fraudsters who are looking for personal information to access your cell phone, bank, credit, or other accounts. If you receive a request for your account or personal information, contact the company on a phone number or website that you know is genuine.
- Limit the personal information that you share online. If possible, avoid posting your full name, address, or phone number on public websites. An identity thief could find this information and use it to answer the security questions required to verify your identity and log in to your accounts.
- Set up a PIN or password for your cellular account. This could help protect your account from unauthorized changes. You can find information on this on the website of your provider.
- Consider using stronger authentication for accounts with sensitive personal or financial information. If you are using MFA, note that checking text messages may not stop a SIM card swap. If you are concerned about SIM card replacement, use an authentication app or a security key.
If you are the target of a SIM swap
- Contact your mobile operator immediately to regain control of your phone number. After you regain access to your phone number, change your account passwords.
- Check your credit card, bank, and other financial accounts for unauthorized fees or changes. If you see any, report them to the company or institution.
If you think a fraudster has your information – such as your social security, credit card, or bank account number – go to IdentityTheft.gov to see the specific steps
Find out what else you can do can still do to protect the personal information on your phone and how you can protect your personal information online.