By Jane Northrop
A Pacifican, who wishes to remain anonymous but who wishes to alert others about what happened to her, became an identity theft victim with a SIM Card Swap when her I-phone was hacked.
She had to close her bank accounts, change her cell phone provider and put a freeze on her Social Security number.
The crime was committed overseas.
“Somehow they were able to convince AT&T that they were me. So I was very disappointed that they did not ask any security questions,” she said. “They just asked AT&T to shut down my phone and transfer all my information that was on my SIM card to their new phone. Then they pretended they were me and got a hold of my U.S. bank and were able to withdraw $1,000 by creating a Zello account. I immediately called the bank and they froze my account. AT&T said they were able to hack into my email account and access my AT&T online phone bill.”
Next, they tried to get more than $1,000 from her account, but the bank shut them down. The bank did refund all her money. Since then, she has changed the way she does business. She no longer uses her phone to make business transactions with her clients.
Captain Chris Clements of the Pacifica Police Department, where she made a police report, said, unfortunately, this type of cyber-attack is not new.
“Criminals are always working to find new ways to exploit unsuspecting victims. These types of cases are very difficult to investigate, they often cross state lines and international borders, and require technical expertise to follow the electronic evidence. It is best to learn about these types of crimes and learn ways to protect yourself and your sensitive information,” he said.
The Federal Trade Commission (FTC) website is a tremendous resource on all varieties of scams, Clements said. The link to the website is at the end of this article.
That website described a scenario much like our Pacifican experienced when suddenly a cell phone stops working and the cell provided says your SIM card has been activated on another device. The website describes how criminals pull off a SIM card swap. For example, they may call your provider and say your phone was lost or damaged. Then they ask to activate a new SIM card on a phone they own using your information or they could log onto your accounts that use text messages as a multi-factor verification because they will get a text message.
The FTC recommends using multi-factor authentication to log into your accounts – a password and a second credential to verify your identity, such as a passcode, security key or authentication app or fingerprint, retina scan or scan of your face.
The FTC website listed ways to protect yourself from a SIM card swap – don’t reply to messages that require personal information to avoid being the victim of “phishing,” limit the personal information you share online, set up a PIN or password on your cell account, and consider using stronger authentication on accounts with financial information.
If you are a victim, call your cell provider to take back control of your phone number. Change passwords. Call your bank and report any fraud.
This is a link to the FTC website with helpful hints and instructions about what to do if you are a victim of a SIM Card Swap or identity theft.
(Jane Northrop can be reached at email@example.com)