Mobile phone number theft and SIM card replacement by hackers

In this article we will tell you what SIM swapping is, how it works and how to protect yourself from theft of your mobile phone number.

Since almost everyone today owns a mobile phone or smartphone and carries it with them at all times, mobile devices are increasingly being used for identity verification, especially through online services. To do this, a one-time password is sent to the user's mobile phone via SMS or voicemail.

They must then submit an authentication code to the website or app, perhaps as part of multi-factor authentication (MFA) or for account recovery.

Mobile phone users should therefore be careful as criminals use the SIM swap trick to access personal services such as online banking.

Multi-factor authentication (MFA) using your phone is a convenient and supposedly secure method. But the fact that most users have linked their mobile numbers to bank accounts, email and social networks also attracts attackers.

If you gain access to someone else's mobile phone number through a SIM swap, you can use it for a number of criminal purposes. Thus, the attacker redirects all text messages and calls, or may send text messages or calls - for example, about paid services abroad.

It can also take over (almost) the entire Internet presence by hacking into accounts created on mobile devices. The hacker will be able to perform authentication (for example, Twitter) or possibly password recovery - this also includes, for example, Gmail, Facebook or Instagram.

Notable victims included Twitter co-founder and former CEO Jack Dorsey and actress Jessica Alba, whose Twitter accounts were hacked by swapping SIM cards so they could then send offensive messages to the platform.

This becomes costly if the victim uses the still (too) commonly used mTAN or smsTAN procedure to approve online transfers, i.e. the bank sends the transaction number to the customer via SMS. In addition, using online banking access data, a hacker can empty his victim's account without leaving his own home.

Reports from anti-cybercrime experts have documented the fact that this method is used throughout the world. In the middle of last year, they arrested three criminals who used SIM swapping to gain access to at least 27 foreign bank accounts and make transfers.

How does SIM card replacement work?

The preferred method to hijack a mobile number is by replacing the SIM card or stealing the SIM card. SIM card replacement is usually carried out through the customer portal or hotline of the mobile operator.

This is where the hacker, as his victim, applies for a new SIM card, for example, because his cell phone was lost along with the SIM card or because the format is no longer suitable for the new smartphone. Or he can terminate the contract and apply to port the number to a new provider.

In both cases, of course, it is not enough to simply provide a mobile phone number. The hacker must provide additional personal information about the victim, such as date of birth, address or customer password - data he obtains from social networks (social engineering), obtained through phishing emails, or purchased on the dark web.

When you call a mobile operator's service center, with a little persuasion, the person may be satisfied with more easily accessible data. Employees may comply with requests for change despite the lack of legitimacy.

When using regular SIM cards, an attacker needs to obtain a physical SIM card, for example, by intercepting an email from a mobile operator or specifying a different address. This is easier to do with eSIM, which is supported by the last four generations of smartphones from Apple and Google: here the built-in chip is described electronically using an eSIM profile.

Has your mobile phone number been stolen?

If sending SMS, making mobile phone calls and connecting to the mobile network suddenly becomes impossible, this may indicate that the phone number has changed hands. However, it is more likely that you are simply in a dead zone or there is a technical glitch in the mobile network.

It is obvious that your mobile phone number has been stolen if you suddenly can no longer access various services or notice unusual processes in your account. Because many attackers are nocturnal, problems are often not noticed until the next morning, but by then it is usually too late.

How to protect yourself from SIM card replacement?

There are many tips to protect against SIM swapping that will also help with other online scams:

- Use the latest operating system with the latest security updates and, where appropriate, antivirus software.

- Do not use a single password for different online services, but use an individual code that is quite long and complex.

- Enable two-factor authentication as an additional component to secure passwords.

- Check from time to time to see if one of the services you use has had a data breach or if your data has fallen into the wrong hands.

- Beware of phishing emails: Reputable companies, especially banks, never ask their customers to disclose personal information through a link in an email.

Mobile operators also took precautions after the first cases of SIM swapping emerged. Some, for example, offer voice identification (voice ID). Also, a special client password is required for the client hotline. Take advantage of these opportunities.

It is also recommended, where possible, to choose another method, such as FaceID or YubiKey, for two-factor authentication instead of SMS or call.

Mainton Company - custom software development and testing, DevOps and SRE, SEO and online advertising since 2004.