Be careful with SIM Swap, this is how they steal money from your bank account: How to recognize fraud and defend yourself from it

Web hackers have come up with a very scary scam: in a few seconds, unfortunate people can find themselves without a dime left.

Imagine seeing all your personal data and all your money in your bank account disappearing in the blink of an eye. A nightmare scenario but far from unreal: it happened in… Many are victims of SIM Swap, an increasingly widespread computer scam. Let's see what it consists of and how to avoid falling into it.

the SIM swapping is based on the control of the user's mobile phone number. In this way, fraudsters can access sensitive personal data and even bank accounts of victims. All this by leveraging the mobile-based authentication process, which is an essential element of online security, especially after the PSD2 directive came into force.

Everything you don't know about SIM card swap

The creators of SIM Swap are able to exploit an authentication vulnerability when an access code is sent to the user's mobile phone after entering login credentials. Simply swap the SIM card associated with the mobile phone number to have full control of the device. At this point it can get very bad for the fraud victim.

As mentioned, Using “sensitive” information, cybercriminals can carry out a whole series of extremely harmful actionsSuch as creating a second current account in the user’s name to which stolen funds can be transferred without raising suspicion. There is an “espionage” business based on the use of malware, phishing emails and searches on social networks to collect information about targets and facilitate the process of convincing phone operators when requesting to change the SIM card.

The first defense is to pay attention to potential warning signs: Suspicious posts on social networks, inability to make calls or send messages, notifications of suspicious activity from your bank or phone company, inability to access online accounts. Hence the importance of treading very carefully online, avoiding sharing sensitive information and trying to improve mobile security using passwords and effective authentication systems.