SIM jacking, also known as “SIM swapping” or “SIM hijacking,” is a type of cyber attack where threat actors take control of victims’ phone numbers by convincing their mobile carriers to transfer the numbers to a SIM card they own. Such an attack exploits the fact that many online accounts and services use phone numbers as a form of two-factor authentication (2FA) or account recovery method.
SIM jacking, simply put, is stealing someone else’s number so the thief can pose as the SIM card’s owner. You can liken it to when an impostor creates a social media account while posing as you.
Read More about SIM Jacking
Successful SIM jacking attacks can earn cybercriminals millions. In fact, in 2021, users lost US$68 million to SIM jacking.
How Does SIM Jacking Work?
SIM jacking typically has these four steps.
- Research and targeting: The attackers gather information about their targets, such as their phone numbers, carriers, and other personal information from social media or other sources.
- Social engineering: The attackers contact the targets’ mobile carriers posing as their victims or using manipulation techniques to convince customer support representatives to transfer phone numbers to their new SIM cards.
- SIM card activation: Once the attackers have control of their targets’ phone numbers, they can use them to receive 2FA codes or account recovery messages sent via text message. That allows them to access the victims’ accounts, such as their email and social media accounts, cryptocurrency wallets, and other accounts on sensitive platforms.
- Account takeover: With control of the victims’ accounts, the attackers can potentially reset passwords, gain access to personal information, steal funds, and cause a wide range of other harmful activities. To do that, threat actors typically use SIM jacking software.
Are There Other Ways to Perform SIM Jacking?
In some cases, threat actors physically steal a victim’s phone to perform SIM jacking. They then use various attack tactics to hijack the phone. They can use a dictionary attack to crack the phone’s PIN code. Afterward, they can install a SIM jacker to sniff for 2FA and other online account-related messages.
In other cases, the attackers don’t even need physical access to victims’ phones. They simply send a SIM jacker to targets through a text message. This code basically instructs the phones’ Universal Integrated Circuit Card (UICC) to take control so they can retrieve and execute sensitive commands. That allows the attackers to access the devices’ location and, more importantly, their Cell-IDs. The threat actors can then successfully access the target devices, essentially making them their own, and victims wouldn’t even be aware their phones have been compromised.
What Is a SIM Jacker?
A SIM jacking software or SIM jacker is a kind of spyware that attackers can install on victims’ phones without their knowledge and then use to send commands to the SIM card that can take over their phones.
How Can You Avoid Becoming a SIM Jacking Victim?
You can protect against SIM jacking by taking these precautions.
- Use strong authentication: Whenever possible, use 2FA methods that don’t solely rely on Short Message Service (SMS) or text messages. You can use authenticator apps or hardware tokens.
- Choose a carrier that has good security measures in place: Contact your mobile carrier and inquire about the security measures it has in place to prevent unauthorized SIM swaps. Some let you set a personal identification number (PIN) or passphrase that must be given before any changes to your account can be made.
- Enable privacy settings: Be cautious about the personal information you share online. Attackers often use publicly available information to craft convincing social engineering attempts.
- Monitor your accounts: Regularly monitor your financial and online accounts for any unauthorized activity.
- Alert your carrier at once: If you suspect a SIM jacking attempt or notice any unusual behavior related to your phone or carrier account, contact your carrier immediately.
Remember that while the best practices we enumerated can help you avoid the risk of falling prey to SIM jacking, no method is foolproof. Stay vigilant and updated about emerging security threats.
- SIM jacking lets threat actors take control of victims’ phones.
- SIM jacking can be performed physically or remotely. In most instances, though, cyber attackers employ SIM jackers.
- Research and targeting, social engineering, SIM card activation, and account takeover are the four steps typically involved in SIM jacking.
- You can avoid becoming a SIM jacking victim by using strong authentication measures, choosing a carrier that has good security measures in place, enabling privacy settings on your device, closely monitoring accounts for signs of unauthorized activity, and alerting your carrier at once if you suspect an attempt or notice anything unusual.