SIM swapping allows criminals to steal your phone service to access bank accounts

This browser does not support the video element.

By Jesse Jones

We’ve been told that two-factor authentication is the best way to protect yourself from a scammer who wants to steal your passwords or codes. But now there’s SIM swapping.

That’s when the thief gets the provider to switch your mobile number to the scammer’s SIM card. Once that happens the scammer gets every call or text you send or receive.

Former FBI Analyst and Cyber Security Expert Willis McDonald said this can happen a few different ways. Sometimes, thieves buy your personal information on the dark web and use it to gain the cell service provider’s system. This can also be an inside job, says Willis, “In some cases, it’s an employee that works at one of the phone providers or mobile phone store, in some cases it’s overseas in a support center.”

The worse part about this is by the time someone has stolen your cell phone service and you realize it, they’ve already emptied your accounts. That’s why the best defense is to take precautions now. Here is what you can do. First, call your phone service provider and ask for enhanced security protection, such as asking for more info before making a swap.

The very best thing you can do is use a hardware token which is a piece of hardware to log into your account rather than relying on passwords, and you carry it with you like a key, these are about $40. If that isn’t something that works with your phone you can use a rolling code authenticator such as Google authenticator or Microsoft authenticator.

Below are helpful links to help you protect yourself from SIM Swapping

Links to Authenticator Apps:

https://www.microsoft.com/en-us/security/mobile-authenticator-app

https://safety.google/authentication/

Yubikey hardware tokens for authentication: https://www.yubico.com

Titan Security Key: https://cloud.google.com/titan-security-key

Email multi-factor authentication options and setup:

https://support.microsoft.com/en-us/account-billing/how-to-use-two-step-verification-with-your-microsoft-account-c7910146-672f-01e9-50a0-93b4585e7eb4

Banking multi-factor authentication setup and options:

https://www.bankofamerica.com/security-center/online-banking/

https://www.chase.com/digital/resources/privacy-security/security/how-you-can-protect

Wireless account PINs:

https://www.verizon.com/support/account-pin-faqs/

https://www.att.com/support/article/wireless/KM1447526/

https://www.t-mobile.com/support/tutorials/topic/settings/enable-2-step-verification/device