The FBI has noticed a startling surge in SIM-swapping incidents, and estimates the attacks stole $68 million from victims last year.
On Tuesday, the FBI issued a public alert, which said the agency received 1,611 SIM-swapping complaints in 2021. That’s a huge increase from the three years prior, when the FBI received only 320 complaints involving financial losses estimated at $12 million.
The agency didn’t say what’s behind the rise in SIM swapping. But the FBI’s service alert is urging people to avoid posting about their financial assets, including cryptocurrencies, on social media, which can put a target on their backs.
The FBI issued the alert when many SIM-swapping attacks have been tied to criminals trying to steal cryptocurrencies. In case you don’t know, a SIM swap involves a criminal manipulating your cellular provider into giving up access to your mobile phone number. The criminal can pull this off by impersonating your identity or in some cases even bribing employees for access.
A SIM swap can be particularly devastating because many internet services—including email, online banks, and cryptocurrency exchanges—rely on mobile phone numbers to help users recover account access if they forget a password. “Once the SIM is swapped, the victim’s calls, texts, and other data are diverted to the criminal’s device. This access allows criminals to send ‘Forgot Password’ or ‘Account Recovery’ requests to the victim’s email and other online accounts associated with the victim’s mobile telephone number,” the FBI added.
To stop the attacks, the FCC is working to establish stronger rules for how cellular carriers handle mobile phone number transferring. But in the meantime, the FBI is urging the public to avoid posting personal information online, such as a phone number and address, which can make it easier for a criminal to commit a SIM swap.
It’s also a good idea to avoid using SMS-based two-factor authentication to protect your online accounts; instead use an authenticator app. The FBI’s alert has other tips. Carriers, such as AT&T, also have extra security measures users can enable to help prevent a SIM swap.