Beware of fraudsters using a technique called “SIM swap” to hack the online accounts of victims in order to steal their cryptocurrencies including Bitcoin.
The latest example involves a 23-year-old man from Brockton, Mass. who the U.S. Department of Justice indicted this week for allegedly gaining control of the online social media accounts of 10 unnamed victims and then swiping over $530,000 in cryptocurrency from them.
Meiggs and his allies, the DOJ said, used the “illegal practice” of SIM swapping, in which scammers convince people’s cellphone carriers to switch the phone numbers connected with their smartphone’s SIM cards to SIM cards stored on their own smartphones. Doing so lets the fraudsters access the victims’ text messages and voice calls, which helps them to reset the passwords of their victims and take over their cryptocurrency accounts.
In February, the DOJ charged a Brandon, Fla. man for a similar scheme involving SIM swapping. That man, Stephen Defiore, an employee of an unnamed phone carrier, allegedly switched the SIM card accounts of the company’s customers so that their phone numbers were then linked to criminals who could gain access to their online accounts.
How to prevent SIM swap attacks
In order to prevent SIM swap attackers, the Federal Trade Commission recommends several steps. First, people should never reply to emails, calls, or text messages that request personal information. These are likely phishing attacks, in which hackers attempt to build trust with consumers in order to obtain their personal information like social security numbers or credit card information.
Second, the FTC recommends that people limit the amount of information they share online, and, “If possible, avoid posting your full name, address, or phone number on public sites.” This information provides criminals with more data to carry out their theft.
The FTC also said that people should set up PIN or passwords for their cellphone accounts, in the chance that fraudsters attempt to call phone companies as part of their SIM swapping schemes.
Additionally, the FTC recommends that people use tougher security techniques like multi-factor authorization to make it harder for criminals to access personal accounts.
