SIM Swapping attacks increased by almost 400% in 2024 compared to the previous year, according to a report quoted on the Romanian blog of the ESET Cyber Security Company. Through this type of attack, hackers take control of phone numbers to access personal data and bank accounts.
There are a few signals that can indicate a SIM Swapping attack. Photo: Pixabay
“Sim swapping is a seemingly simple scam, but with devastating consequences. (…) You are at work and check the phone, but something is wrong – you have no signal! Get home and try again – you have not changed anything. In the meantime, start receiving notifications in accounts, including a message from the mobile operator.” Warns Roman Coprik, a cyber security specialist at ESET, quoted by Agerpres.
It all starts, he explains, from obtaining the victim’s personal data, sufficient to convince the telephone operator to transfer the number to another SIM card. At that time, the criminals gain access to all the services connected with that number-bank accounts, social networks, e-mail or authentication 2 in two steps (2FA).
A study based on FBI Internet Crime Report 2023 shows that losses caused by these attacks have exceeded $ 48.7 million, and the trend is constantly increasing.
An alarm signal for 2Fa users by SMS
The popularization of authentication in two steps (2FA) by SMS, meant to protect the online accounts, has become one of the most exploited vulnerabilities. Once the attackers take control of the phone number, they can intercept the authentication codes and reset the passwords, opening the door to fraud and identity thefts.
Signs that may indicate a SIM Swapping attack
– sudden loss of mobile signal,
– unsolicited notifications of SIM card change,
-Emails on changes in accounts you have not done, suspicious activity,
– blocking access to accounts,
– lack of 2FA codes by SMS.
How do you protect this attack
“If you notice any of these signs, act immediately. Call the mobile operator to check the account status and secure your number. At the same time, check the bank accounts for any unauthorized transactions or changes. To prevent or recover any losses, and do not forget to report the incident of authorities or specialized cyber crime agencies. emphasizes Coprik.
