According to the Pew Research Center, the majority (97%) of Americans own a cell phone. While that statistic isn’t surprising, it does show how many of us are susceptible to a dangerous scam: SIM swapping.
SIM Swapping: What You Need To Know
In this article, I’ll explain what SIM swapping is and what phone carriers are doing about the issue. I’ll also share some tips on how you can stay safe using today’s technology.
Table of Contents:
- SIM Swap Explanation
- How To Prevent Sim Swapping With Your Cell Phone Carrier
- Additional Tips To Prevent This Scam From Happening to You
What Is SIM Swapping?
SIM swapping, or a SIM swap scam, happens when a crook is able to take control of your personal information stored on your SIM card by using it on another phone.
According to the Federal Trade Commission (FTC), a successful SIM swap can occur if a scammer impersonates you and contacts your phone service provider with a bogus story.
According to the FTC’s website, “They may call your cell phone service provider and say your phone was lost or damaged. Then they ask the provider to activate a new SIM card connected to your phone number on a new phone — a phone they own.”
Once a scammer successfully takes over your phone, they can access your bank account, social media accounts, email account and more. How? While two-factor authentication is typically a decent form of protection, the scammer now has access to your phone number and email. That means they have access to any codes sent through an email or text message.
What Cell Phone Carriers Are Doing To Prevent SIM Card Swapping
You may be wondering what popular wireless carriers are doing about SIM swapping. I reached out to them to find out the latest procedures and protocols they have put in place to counteract SIM swap scams.
When it comes to SIM swapping, Verizon said it has put several security enhancements in place.
“Verizon requires customers to complete enhanced authentication steps to perform a SIM card change or device change request,” a spokesperson told Team Clark. Those steps include:
- Two-Factor Authentication: Customers are encouraged to set up two-factor authentication inside the free My Verizon app (Android or iOS).
- Port Freeze: “Customers have the option to enable a Port Freeze that will prevent their number from being Ported Out to another carrier without first removing the Port Freeze.” You can request a Port Freeze by calling Verizon Customer Service (*611) from your mobile phone.
- Number Transfer PIN: “Verizon consumer accounts now require a dedicated six-digit PIN to port a line to a new service provider,” the spokeperson said. “With Number Transfer PIN, the necessary port-out code is only revealed once a customer successfully confirms their identity, reducing the risk of unauthorized porting.”
A T-Mobile spokesperson told Team Clark that when it comes to the SIM swap scam, the company offers its customers “several safeguards to help protect against this crime.”
The company allows its subscribers to set up PINs (personal identification numbers) that they need to log into their accounts. “T-Mobile accounts must have a 6-15 digit PIN, and a customer’s number cannot be ported without verification of that PIN,” the spokesperson said.
The wireless provider also offers Account Takeover Protection to stop bad actors from getting control of user accounts. Account Takeover Protection blocks unauthorized users from transferring your phone line to another wireless carrier.
Account Takeover Protection is free but available only to Business, T-Mobile Postpaid, and Sprint customers. It is not available to T-Mobile prepaid and Metro by T-Mobile customers, according to the carrier’s website.
When asked about SIM swapping, an AT&T spokesperson forwarded me the following statement:
“We are working closely with our industry, law enforcement and consumers to stop and prevent this type of crime. We have security measures in place to defeat fraudulent SIM swaps. However, recent high-profile cases reinforce the importance of businesses and consumers taking steps to protect against SIM swap fraud, such as not using mobile phone numbers as the single source of security and authentication.”
A spokeswoman for TracFone, which has among its properties Simple Mobile, Straight Talk, Total and SafeLink, sent Team Clark the following statement:
“SIM swapping fraud and other related fraud are issues that affect the entire industry. That’s why we work with others in the industry, CTIA (wireless trade association) and law enforcement to address these problems as they arise. Stopping these fraudulent activities is as important to TracFone Wireless, Inc. as it is to our customers.”
On its website, TracFone says it has recently added some security enhancements in light of some fraudulent activity discovered on customer accounts:
In a message to its customers, TracFone says: “Since uncovering this fraudulent activity, we have made enhancements to improve the security of your mobile account. For example, when a request to transfer a number is made, we will send a text message notification to your device to alert you to the request. This message will include the number you should call if you did not authorize the transfer. Additionally, we will also send you a text message containing a unique code (a “Number Transfer PIN” or “Port PIN”) that must be provided to the new carrier before a transfer can be completed. This code should only be provided to your new carrier when you are making your transfer request. We will never call you and ask you for this code.”
I reached out to Visible Wireless, Consumer Cellular and Mint Mobile about their plans on curtailing SIM swapping but have not heard back as of this writing.
Additional Tips To Prevent This Scam From Happening to You
SIM swapping is a serious problem that can end up plunging its victims into financial ruin. To safeguard yourself against the SIM swapping scams, follow these steps from the phone carriers:
Get a Strange Notification? Do Not Reply
Never respond to a text message, email or phone call from someone you don’t know.
For example, a scammer that has swapped your SIM card without you knowing it may send a notification to your phone asking you to verify some of your personal information. Do not reply.
Use Your Device’s Advanced Security
Many phones today allow you to set up advanced security, including biometric authentication, to keep your information secure. Some of the most common advanced security methods are:
- Fingerprint ID: As its name implies, you can restrict access to your phone by allowing it to use your thumb or fingertip to authenticate your identity.
- Facial recognition: Many Android phones have facial biometric ID features while some iPhone models have Face ID.
Try an Authentication App
For added protection, you might consider using an authentication app to keep access to your phone locked. I use a free authentication app from Microsoft on my phone (Android or iOS) to protect sensitive information. Every 30 seconds it generates a security key that I need to enter to gain access to my device.