SIM Swaps: What You Need to Know

SIM Swaps: What You Need to Know

For many of us, our mobile devices hold as much or more, sensitive data than our workstations or desktops. So why should adequate security on our phones be any different?

What is a SIM swap?

A SIM swap occurs when someone contacts your mobile service provider and tricks a customer support rep into switching your phone number to a SIM card owned by the scammer. They usually do this by gleaning enough personal information from your social media accounts and company website to fool customer support.

Why is this a threat?

If a scammer successfully ports your number to a SIM card they control, they can change passwords on the mobile account and completely lock you out.

Once you realize what’s happened, the only move available to you is to call your service provider from another phone to explain the situation and hope they believe you.

In addition to the personal data likely stored on your device, if you use your phone for work this compromises other information including:

• Company data
• Access to your network
• Corporate communications
• Financial information
• Social media accounts

How do you know if you’ve been targeted by a SIM swap?

 A few common clues you’ve been targeted include:

• You receive text messages or calls from individuals claiming to be from your carrier asking you to power off your phone. This would complete the SIM swap before locking you out of your phone.
• Your phone powers off unexpectedly, and once you turn it back on, you no longer have service.
• Your social media accounts and/or email start sending messages you don’t recognize.

How do you protect yourself?

To help prevent a SIM swap, do the following:

• Call your service provider and establish a unique PIN (personal identification number) known only to you, and have your team do the same (most carriers offer the option of either verbal or touch pad confirmation).
• Implement second layer security above and beyond a simple password via Multi-Factor Authentication (MFA) or 2-Factor Authentication (2FA). Learn more about creating secure passwords in a previous post by EXP Technical CEO Tony Lesirge.
• Educate yourself, your staff, and your company on the importance of safeguarding the data across all your endpoints.

For more security tips, contact EXP Technical for training, education, solutions, and implementation to keep your endpoints secure and easy to manage.

Have questions or want to learn more? Come meet us!

Date: Thursday April 18, 2019
Time: 12:00-1:00 p.m.
Location: 1325 4th Ave. Suite 1540 Seattle, WA 98101

Click here to register for our upcoming Lunch & Learn: Optimizing Storage and Collaboration in Cloud.