Friday, December 29th 2023, 10:39 am
Have you heard of SIM cloning or SIM swapping? We're talking about the SIM card inside your cell phone and how attackers can take advantage of it. Jonathan Kimmitt with Alias Cyber Security explained more.
Your SIM card is your unique identifier for your phone. It's tied to the cellular company that you contract with. You have some that are physical cards, and some have an e-SIM that's an embedded card.
SIM card stands for "subject identity module." The cell company uses that to recognize who the phone belongs to. Phones have to have SIM cards to work.
SIM Swapping, sometimes also known as SIM jacking, and SIM cloning, is a technique where a malicious actor uses a variety of techniques to take ‘ownership’ of a phone number by getting a cellular company to ‘swap’ the SIM that is associated with a user, with a new one that is associated with the attacker.
In simple terms, it allows the attacker to take over a phone number by moving the phone number to a new device.
SIM swapping is very common and occurs legitimately as people get new phones, replacements, or change service.
Because it is a common process, the attacker uses social engineering techniques to trick, bribe, or extort a cellular company employee to move a victim’s phone number to a new phone.
At that point the attacker can use the number to access accounts that use text (SMS) messaging or phone calling to reset passwords, multifactor bypass, etc.
It's hard to prevent SIM swapping. However, you can protect other accounts outside of your phone. You can make sure that you're not using text messaging as a multi-factor authenticator. You can make sure to not give out your phone number easily, and question who you're giving your number to. It's also important to not store passwords on your phone.
December 29th, 2023
January 1st, 2024
November 21st, 2023
November 11th, 2023
November 22nd, 2024
November 22nd, 2024
November 22nd, 2024
November 22nd, 2024