SIM swapping is reportedly on the rise. How do SIM swaps work, and what are the best ways to prevent it?
Mobile phones are often an important part of two-factor authentication (2FA) processes, but they have certain security risks like ordinary single-factor password processes. For devices connected to cellular networks, SIM swaps can open a path for attackers to bypass authentication.
SIM swaps occur when a malicious actor using social engineering techniques convinces a cellphone carrier to switch the target’s phone number to a new device. This can give the attacker access to bank accounts, credit card numbers and other sensitive information when 2FA systems use Short Message Service (SMS) — ordinary text messages — to send authentication codes to victims.
An in-depth report about SIM swaps and their impact was published last year by Brian Krebs, an information security journalist. Krebs found stealing cryptocurrency was one of the highest profile types of SIM swap attack. In addition, the same attack could be used to access any 2FA system that relies on SMS authentication codes.
In one example, an attacker executed a SIM swapping attack against its target and was able to steal its cryptocurrency. The same attack could be conducted against banks or other financial accounts that rely on SMS for 2FA.
To defend against these attacks, Krebs suggested using an authentication app like Google Authenticator or hardware token-based authentication. If your carrier allows it, using a customer support password may also help.
Given the rise in attacks using SIM swaps, pressuring your cellular carrier to improve its operational security around SIM cards and accounts may also be needed. Migrating away from SMS-based authentication should be considered.
Ask the expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)