You may have heard about a new SIM swapping scam that allows scammers to access bank accounts and personal info. We’re going to tell you how it works and how you can avoid falling victim to it.
How does the SIM swapping scam work?
It involves scammers moving your phone number to a new device by contacting your cell phone provider, pretending to be you, and saying that the phone has been lost or stolen.
The scammer asks for your phone number to be transferred to a new SIM card on a new device that they already have (this can be done remotely, without the phone or SIM card physically present).
After the scammer has moved your phone number to their phone, they start downloading apps for social media, email, online banking, and exploit two-factor authentication by hitting the “forgot password” button. This lets the scammer reset your passwords by using the verification code that is sent to your phone number (which they now have).
So, at this point, your phone number has been transferred to a new device. You may notice something is wrong when your phone cannot place calls, as your service has been disconnected and your number is no longer connected to your phone.
How to avoid the SIM swapping scam
- Keep your personal information, such as your birthday, off social media. This info can be used by scammers to answer security questions from your cell phone provider.
- Don’t fall victim to phishing emails that ask you to update account information or to confirm a password
- Use an offline password manager
- Contact your cell phone provider and ask about additional security steps that can be added to your account
- If you decide that you don’t want to use two-factor authentication, consider removing your phone number from those apps or contact them about alternative security measures
- If your phone service is suddenly disconnected, contact your provider immediately
Speaking with your cell phone provider is an important first step to find out how your account is protected and what security measures are currently in place. You may be able to add an additional layer of protection by changing your security question to something that only you would know.
Did we miss anything? Share your thoughts in the comment section below.
Did you like this? You might like these posts too!
5 things to be mindful of this holiday season
Grant scams: 3 types to watch out for
Email from your boss? Make sure it’s not a scammer
Watch out for phishing emails at work
How do you know if a link is suspicious?
About Consumer Protection BC
We are responsible for regulating specific industries and certain consumer transactions in British Columbia. If your concern is captured under the laws we enforce, we will use the tools at our disposal to assist you. If we can’t help you directly, we will be happy to provide you with as much information as possible. Depending on your concern, another organization may be the ones to speak to; other times, court or legal assistance may be the best option. Explore our website at www.consumerprotectionbc.ca.
Thank you for making the SIM card scam understood. I was aware of the scam but didn’t know how it worked.
Hi Julie! The scam is a bit complicated and I’m happy that the post was helpful. Thanks so much for your comment!
CRTC & CCTS should legislatively provide protection to Sim Card users requiring sufficient identification by service providers with hefty fines if user IDs are compromised by Service Provider staff!!
🤷🏽♂️🤷🏽♂️Right
How does the scammer get your # in the first place? Do they just pick random numbers?
Hi Julie, thanks for your question. I’m not totally sure how the numbers are accessed to begin with. You may be interested in contacting your cell phone provider to see if they have any information on this for you. I’m sorry I couldn’t be of more help! Best of luck!
Can I still be scammed if I do not use my cell phone for banking etc., but do use my home computer?
Hi Myrna, thanks for reaching out to us here. If you use Two Factor Authentication (where you are sent a text to recover a password for any accounts – including email), you may still be at risk. I would suggest talking to your cell phone service provider to find out how they are protecting their customers from this scam. I hope this helps!
can scammers make this change if you only have a landline?
Hi Kathy, thanks for your questions! SIM card is unique to cell phone technology so it would not apply to landlines.
A lot of Apps have asked to have my mobile number registered, and even email service companies and banks too, in case I forget my passwords. To retrieve my passwords, I would rather give another email add, and never my mobile number.
Hi Yuet, I’m not an expert on this topic but I believe some apps ask for your mobile number as part of two-factor authentication which is an added security measure to verify that you are the authorized account holder.
Unfortunately, mobile providers are unwilling to implement any measures against SIM swapping. Provider may agree to placing measures against account, however, my experience has been when making changes to account, security measures are always ignored. Do not rely on providers.
One would think that the providers would have a lost stolen procedure that included doing a call or message to the existing phone number.