SIM-swap fraud [Mobile telephones and crime]

From article published on British bank Charter Savings' website 

The link takes you to the article. They cover 3 types of fraud that are on the rise in the UK and give advice. The 1^st one seems to be the most diabolical to me. I have reproduced it below. 

______________________________________________________________________

SIM-swap fraud

Have you heard of SIM swapping? It’s when criminals hijack someone’s mobile phone number by transferring it to a new SIM card under their control.

We’re seeing a huge spike in fraudsters using this tactic. Nearly 3,000 unauthorised SIM swaps were logged on the National Fraud Database in 2024 – that’s an increase of more than 1,000% on 2023.1

You may have also heard about the recent cyberattacks on UK-based international retailers, data breaches like this are being used by SIM-swap fraudsters.

They’re also using phishing and social engineering to deceive and manipulate individuals into sharing their personal information. If you overshare your personal details online this could be another way they can collect your information – never publicly share your bank account details online.

They take the personal information they’ve gathered, contact the victim’s mobile provider posing as the customer and request a SIM swap, often citing a lost or stolen phone.

Once they’re in control of the number, criminals intercept one-time passcodes sent via SMS to take over the victim’s accounts. They can then use available websites and apps to apply for a bank loan, cancel holidays to get a refund or even steal wages from gig economy workers.

And it doesn’t stop there. Even if the SIM is recovered, fraudsters can plant backdoors such as password resets and link devices to gain repeated access or harvest sensitive data to sell on the dark web.

How to protect yourself:

• Protect your SIM card by enabling a PIN in your device’s settings menu and setting up a carrier level password or PIN with your network provider which must be verified before issuing a new SIM.
• Don’t respond to unsolicited emails, texts or phone calls.
• Don’t overshare personal details on social media. Avoid sharing your birth date or that of children or relatives or other common password recovery phrases such as the name of your first pet or school.
• Turn on Two-Step Verification (2SV), also known as two-factor authentication (2FA) or multi-factor authentication (MFA).
• Use a password consisting of three random words that only you know and which are unique. You could add uppercase letters, numbers and symbols to make it more secure.
• Always keep your device’s software up to date.

Three steps to take if you think your SIM card has been swapped:

1. Call your network provider immediately. If you unexpectedly lose phone service, receive unsolicited texts or emails about your SIM being ported or a Port Authorization Code (PAC) request, notify your provider.
2. Inform your banks as soon as possible. The fraudster may attempt to make a money transfer online or over the phone.
3. Record your details with Cifas. They’re a UK fraud prevention community.2

https://chartersavingsbank.co.uk/news/3-scams-you-need-to-know?utm_campaign=Fraud_Week&utm_medium=Email&_hsenc=p2ANqtz-8ELZXCd_Td37W_u66FSuEyMeDiEK4PXjO61FOhO5VZ0Gx-lafoe5IGtNDXMa-PAYYSaRor5EAIlsvL3GPBayPTkqmjZA&_hsmi=122192851&utm_content=Newsletter&utm_source=HubSpot

_____________