Different kinds of scams and frauds are prevalent in the crypto world. These can range from building imposter websites and fraudulent applications to sending malicious emails and stealing and using someone else’s identity. These are the attacks that no one wants to fall victim to, so it’s very important to always be on the lookout for any potential strikes.

Apart from these, the most common attacks in the fintech space also include SIM-swapping or what is also referred to as a SIM swap scam. Yes—even your SIM card is vulnerable to hacks. In this blog, we’ll be discussing the practical steps you need to take to dodge such attacks. To start, let’s first define what SIM swapping is.

What is SIM swapping and how does it work?

Subscriber identity module (SIM) swapping—also called SIM splitting, SIM-jacking, or port-out scamming—is a very serious form of malicious attack where hackers contact your wireless service provider while pretending to be you in order to gain access to your SIM card. These fraudsters convince your mobile carrier to believe that you are either activating your SIM card on another device or that your SIM card was stolen or damaged.

After that, the hacker will ask to activate a new SIM card with the same phone number, but on a new phone—one that’s definitely not yours, but instead owned by the hacker. Once the SIM card has been activated, the fraudster will start receiving calls, text messages, and other personal data on your SIM.

Since the hacker now has access to and control over your phone number, all accounts connected to your mobile number are now vulnerable to scams and various fraudulent activities. These accounts may include banks, social media, and emails, to name a few. Very alarming, right? This vulnerability is deemed another reason why it’s not always safe to use mobile numbers to verify one’s identity. However, if you’re among those folks who use SIM cards for account verification, read ahead to learn more about the next possible steps you can take to protect yourself from being a victim.

Signs that you’re a victim of a SIM swapping attack

While this fraud seems harmless at first, the truth is it can be very tricky. Here are some of the highly noticeable indicators to know whether or not you’ve become a victim of this malicious attack.

  • Notification of activity from another device. You’ll get a notification from your mobile carrier when there’s any detected activity made elsewhere, such as activating your SIM card on another device.
  • You’ll be unable to receive or place calls and text messages. This is often the first sign that you’re likely a victim of SIM swapping. If your text messages and phone calls won’t go through, it’s probably because the hackers have already deactivated your SIM and are using your number on their device.
  • You’ll be unable to access accounts linked to the mobile number. Once your SIM gets compromised, your bank accounts, social media accounts, or emails are susceptible to hacks. If your login credentials are no longer working, it’s best to call your account providers immediately.

There are more ways to detect SIM swapping attacks, but these are the most common signs that you likely have fallen victim. Now that you know about these, how can you prevent your identity from being compromised?

Helpful tips to protect yourself from SIM swap scams

Hackers and cyber fraudsters will do everything to make their mission a success. The good thing is, the chances of taking over your SIM and the confidential information linked to it can be reduced. If ever you find yourself a target, there’s still a way out. Here are some practical and helpful tips you can explore and try your hand at so these hackers won’t accomplish their mission.

  • Enable authentication apps. For accounts that contain very sensitive and confidential information—like bank accounts and crypto or bitcoin wallets—consider using authentication apps, which enables two-factor authentication (2FA), which is a lot stronger than your normal passwords. This app generates a verification code and is tied to your smartphone or device instead of your mobile number. 
  • Set up a strong PIN code. For an added layer of protection, it’s recommended that you enable a separate PIN or password for your accounts if your wireless service provider has this feature. With this enabled, a PIN will be required for logins and password changes. 
  • Strengthen your account security. Use randomized, long, and unique character combinations in creating strong passwords. If there’s a question-and-answer or recovery question option, use information that only you know.
  • Limit the amount of personal information you share online. This is very important as fraudsters use social media profiles and other websites to gather information about you, which they can use for impersonation. 
  • Be aware of the prevalent fraudulent activities online. Technology is continuously developing, and as it evolves, the tactics and strategies of cyber hackers are also advancing. With that, you should familiarize yourself with the typical Internet scams like phishing, compromised software, applications, and websites, and so on.
  • Be careful of responding to malicious emails, texts, and calls. Hackers and fraudsters usually carry out their plan by sending you either emails or text messages that need immediate attention and responses. If the message asks you for personal information or asks you to click a suspicious link, it’s likely a phishing scam. Hackers can also lure you through calls, so always be on the lookout for any unusual requests.

Using your SIM card as an account and identity authentication is not always advisable. But there are still a lot of approaches you can use to prevent SIM swapping attacks. These are just a few examples, so don’t be limited to this list! But if you think you haven’t done any or all of these yet, perhaps it’s high time you try them out!

Immediate actions to take if you’ve been hacked

If you’ve become a victim of SIM swapping attacks, what should you do? First things first, call your mobile carrier right away and inform them of the suspicious activities about your SIM. Be sure to let them know that you didn’t make the changes, should there be filed requests for another SIM activation.

Then, contact your bank(s) or other service providers that are linked to your SIM card. Discuss the situation so they can immediately take necessary actions to prevent potential illicit activities from taking place. Check your PIN codes and account passwords and make sure that the hackers haven’t changed any of these and that no fraudulent purchases or transactions have been made.

Lastly, build layers of protection for your phone and accounts, and apply the necessary security measures to keep your information and your bitcoin safe from fraudsters. For Bitcoin wallets, we encourage you to enable your 2FA verification, as it is one of the most excellent defenses you can have to safeguard your bitcoin against being hacked or stolen.

Remember, your SIM card is a breachable authenticator. Cyber hijackers and fraudsters are routinely leveling up their game along with the advancement of technology. With the dire consequences that we’ve learned about SIM swapping, it’s very important to make every effort in protecting yourself from falling victim and from its devastating repercussions.