As smartphones become the central hub for managing digital assets, they have also become prime targets for cybercriminals. One of the most dangerous threats to crypto users today is the SIM swap attack, a method that can bypass even the most secure systems and lead to devastating financial losses.
By understanding how these attacks work and taking proactive steps, you can protect yourself from becoming a victim. Here’s what to know.
KEY TAKEAWAYS
• SIM swap attacks can bypass 2FA and lead to significant financial losses, particularly in the crypto space.
• Vigilance and the use of multi-factor authentication methods beyond SMS-based 2FA are crucial in preventing SIM swap attacks.
• In the event of a SIM swap, immediate action is essential to minimize damage and recover your accounts.
What is a SIM swap attack?
A SIM swap attack is a type of cyber attack in which a SIM hacker assumes a victim’s identity and gains access to and control over their phone number. The hackers then use the victim’s phone number to access their financial or social media accounts. This type of attack is also known as SIM swap fraud or SIM hijacking.
SIM swapping can happen in two ways. Either a hacker steals your phone and gets access to your SIM card, or they call your SIM card carrier and trick it into activating a SIM card in their possession. Bad actors usually swap SIMs to bypass two-factor authentication (2FA), gaining access to and control over your cryptocurrency assets.
Two-factor authentication (2FA) is commonly delivered to users via email, text message, or voice call. While these methods provide users with flexibility, they aren’t immune to all cyber threats.
In the case of SIM swap attacks, once a bad actor has access to your phone number, they can intercept messages and calls sent to your phone, including those used for 2FA. This way, they gain illegal access to your bank account, crypto exchanges, and digital wallet.
Once a hacker gains unauthorized access to your mobile device and, by extension, your bank accounts, credit card information, and crypto wallets, they can easily withdraw funds and transfer your digital assets to their accounts.
Although hackers may use various methods, such as demanding payment to return your phone number or exploiting your social media accounts, financial gain is the common goal. Now that we understand what type of attack SIM swapping is, let’s examine how it works.
What is a SIM card?
To understand SIM swap fraud, as discussed in the last segment, you must first clearly understand what a SIM card is.
A subscriber identity module, commonly referred to as a SIM, is a small removable card with a circuit-embedded chip that activates calling, texting, and data services on a smartphone device.
A SIM card stores your identifying information and is secured by a personal identification number (PIN). It also stores extensive personal and operational information. Thus, removing your SIM card from one phone and inserting it in another will transfer the SIM card’s mobile services to the new device. While telco companies can also transfer the unique identifiers, they tend to do this in cases where the original SIM card gets lost.
Because of this, SIM cards are susceptible to a type of attack known as a SIM swap attack.
How does a SIM swap crypto attack work?
SIM cards utilize distinct user data to connect to a mobile network. SIM swapping occurs when the unique data is transferred to another SIM card, such that the “old” SIM card won’t work, and all carrier-facilitated services like calls, internet, and texts are sent to the new card.
To get your phone number, a scammer will start by collecting as much personal identifying information on you as possible before they engage in social engineering. Hackers can gather information about you through malware, phishing emails, or social media research.
Once they have your personal information, they’ll call your network carrier and use social engineering tactics to persuade it to port your SIM card remotely to the one they have. If they successfully convince the carrier by correctly answering the questions asked, your SIM card will be cloned to theirs.
The newly cloned SIM card will function the same way it would if it were in your phone. The scammers then exploit your vulnerable financial accounts, such as your crypto wallets, as they can easily maneuver through security measures like 2FA. They will use your phone number to request and receive one-time authorization codes needed for transactions, log into your online accounts, and steal your digital assets.
While SIM swap attacks have been prevalent in traditional financial institutions, they have since made their way into the blockchain and crypto space, forcing users to add SIM swap fraud to a growing list of well-known attacks, such as the 51% attack, sandwich attack, and Sybil attack.
“Search engines should be held liable for losses incurred by serving phishing links in ads results. Mobile carriers should be held liable for losses incurred by SIM swap attacks. There’s next to zero incentives for these service providers to resolve these attack vectors otherwise,”
ChainLinkGod.eth, podcaster and Chainlink’s Community Ambassador: X
The role of social media in SIM swap fraud
Social media is one avenue that scammers use to collect personal information on you.
Scammers can gather information from your social media profiles on various networks. For example, if your birth date and mother’s maiden name are part of your security questions, a hacker can get this information from your Facebook profile.
They will then use this information to carry out a SIM swap and transfer your digital assets to their wallets. Therefore, it’s important to ensure that you share as little personal information online as possible.
How to recognize the signs of a SIM swap crypto attack
The signs of a SIM swap crypto attack are usually easy to identify. However, they are only obvious after the attack has been carried out. Some things to look out for include:
- Account lockouts: Suddenly being unable to access your bank accounts, crypto wallets, emails, or social media networks could indicate that hackers have taken over your accounts.
- Loss of mobile service: A sudden lack of mobile phone service is usually a major sign that a SIM swap has happened, as you won’t have data service and will not be able to make or receive calls and texts. You can always confirm with your service provider if it’s a temporary service issue or if a SIM swap has occurred.
- Suspicious transactions: Receiving notifications for transactions you didn’t authorize or make can signify a SIM swap attack.
- Unusual account activity: Noticing posts on your social media channels that you didn’t make could indicate SIM hijacking.
- Unusual notifications: At the onset of a SIM swap attack, you may receive calls or texts regarding an unexpected change to your carrier’s service. If this occurs, call your network service provider and confirm the changes.
The risks of SIM swap attacks for crypto users
Existing security measures, like zero-trust architecture, have not prevented scammers from developing new techniques.
SIM swap attacks pose a significant threat to the security of crypto wallets and exchanges. Many crypto exchanges and wallets rely heavily on SMS-based 2FA to confirm transactions. Thus, a SIM swap attack gives hackers access to a victim’s crypto exchange or wallet and lets them transfer the victim’s digital assets.
Additionally, SIM swap attacks can give hackers access to a victim’s email account, which they can use to change settings, reset passwords, and compromise other associated accounts. They can then change the sign-in details of a victim’s crypto exchange or wallet and take complete control of the accounts and funds.
Examples of SIM swap crypto attacks
Below are some known cases of SIM swap crypto attacks that have taken place.
Friend.tech SIM swap attack
A few users of the decentralized social media platform Friend.tech fell victim to several SIM swap attacks in October 2023. A single scammer, unearthed by ZachXBT, stole $385,000 worth of Ether after SIM swapping four separate Friend.tech users.
Michael Terpin
In 2018, Michael Terpin, an entrepreneur and blockchain technology expert, became a victim of a SIM swap attack carried out by 15-year-old Ellis Pinsky. The SIM swap attack saw Terpin lose $23 million of digital assets. He later sued everyone involved in the attack, including his network carrier, AT&T.
Although he lost the case against AT&T, Terpin filed more lawsuits, including one against Pinsky after Pinsky turned 18 in 2020. It’s reported that Pinsky was just a front for a large social engineering hacking gang that used minors and telecommunication workers to carry out SIM swap frauds on selected targets.
Vitalik Buterin’s X (formerly Twitter) account hack
On Sep. 9, 2023, hackers successfully carried out a SIM swap attack that gave them access to Ethereum co-founder Vitalik Buterin’s X account. They then posted a link asking users to claim a free NFT offered by Buterin. The link led users to a malicious site that promised them a stake in an NFT. It further mentioned the project was created in partnership with Consensys.
Users had to connect their wallets to the website to claim the non-fungible token. Those who connected their wallets got swindled of their digital assets, including NFTs.
ZachXBT, a pseudonymous crypto detective on X, reported that more than $690,000 worth of assets were stolen. Buterin later confirmed that the data breach resulted from a SIM swap fraud.
Jack Dorsey’s account hack
In 2019, Twitter CEO Jack Dorsey fell victim to a SIM swap attack, which allowed hackers to take control of his Twitter account. They used the account to post offensive and inappropriate messages to his millions of followers.
Additional examples
A college student, Joel Ortiz, was arrested for orchestrating over 40 SIM swap attacks, stealing more than $5 million in cryptocurrency.
Plus, a California man named Robert Ross lost $1 million in cryptocurrency after hackers used a SIM swap to gain control of his phone number. The hackers drained his accounts by bypassing two-factor authentication protections.
Last but not least, Emmy-winning media executive Seth Shapiro sued AT&T after losing $1.8 million in a SIM swap attack. Shapiro alleged that AT&T employees conspired with hackers to execute the attack, which resulted in the theft of his crypto holdings.
Can you prevent a SIM swap crypto attack?
Preventing a SIM swap crypto attack is possible, but it requires effort and vigilance online. Be wary of what you post, ensuring you don’t post any personal identifying information. Avoid phishing emails, and don’t click on links or download attachments from people or addresses you don’t know.
In addition, make sure that you use a strong and unique password for every online account you have. Using one password across multiple accounts can lead to bigger losses in the event of a successful SIM swap attack. You could also use a well-established password manager to manage your passwords.
Try to steer clear of email-based or text-based 2FA. Consider using other multi-factor authentication methods, such as authentication apps, biometrics, or secure physical keys. You can also create separate PINs if your network carrier permits that, as this offers an extra layer of security.
How to prevent SIM swapping hacks?
There are various ways that you can prevent SIM-swapping hacks. These methods include:
1. Avoid accidentally doxxing yourself
Doxxing is sharing personal identifying information on the internet, usually with malicious intent. Avoid sharing unnecessary personal identifying information online, as hackers could collect it and use social engineering to carry out SIM swaps and steal your crypto assets.
2. Don’t use your phone number as a sign-in and recovery option
Various online platforms initially used phone numbers for users to sign into their websites. While emails have become popular, some websites still allow users to sign up and sign in using their phone numbers. For such platforms, you should sign in using an email instead of a phone number. Linking an online account to your phone number makes it easy for hackers to swap your SIM card.
3. Use multi-factor authentication
Instead of SMS-based 2FA, use authenticator apps such as Google Authenticator or Microsoft Authenticator, as they are less risky. Always use multiple authentication methods to keep your accounts safe and prevent SIM-swapping hacks.
You can use various multi-factor authentication (MFA) methods. You can choose from authenticator apps, biometrics, email-based authentication, hardware tokens, or text-based authentication. While email and text-based authentication are convenient, they pose a huge risk in the event of a successful SIM swap attack.
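The chain this article describes, where a swapped phone number opens the mailbox and the mailbox then opens the exchange, can be checked against your own list of accounts. The script below is an added example, not part of the original article; the account names, channel labels and the takeover model are assumptions made for illustration.

```python
# Added example: audit which accounts fall if the phone number is SIM-swapped.
# Account names, channel labels and the takeover model are constructed assumptions.

def controlled(channel, owned):
    """True if an attacker holding the phone number controls this channel."""
    if channel in ("sms", "voice"):
        return True                        # delivered to the swapped SIM
    if channel.startswith("email:"):
        return channel.split(":", 1)[1] in owned   # that mailbox is already taken over
    return False                           # authenticator app, hardware key, backup codes

def exposed_accounts(accounts):
    """Return {account: hop} for every account reachable after a SIM swap.

    Assumed model: a takeover needs one controlled recovery channel (to reset
    the password) and, if 2FA is enabled, one controlled second factor.
    """
    owned = {}
    hop = 1
    while True:
        newly = [
            name for name, cfg in accounts.items()
            if name not in owned
            and any(controlled(c, owned) for c in cfg["recovery"])
            and (not cfg["second_factors"]
                 or any(controlled(c, owned) for c in cfg["second_factors"]))
        ]
        if not newly:
            return owned
        for name in newly:                 # record the round in which each account falls
            owned[name] = hop
        hop += 1

# Constructed sample inventory.
SAMPLE = {
    "mail":       {"second_factors": ["sms"], "recovery": ["sms"]},
    "exchange_a": {"second_factors": ["email:mail"], "recovery": ["email:mail"]},
    "exchange_b": {"second_factors": ["totp"], "recovery": ["email:mail"]},
    "bank":       {"second_factors": ["sms", "totp"], "recovery": ["email:mail"]},
    "wallet_app": {"second_factors": ["hardware_key"], "recovery": ["backup_codes"]},
}

if __name__ == "__main__":
    for name, hop in sorted(exposed_accounts(SAMPLE).items(), key=lambda kv: kv[1]):
        print(f"{name}: falls at hop {hop}")
```

In the sample, `bank` falls even though it has an authenticator app, because SMS is still accepted as an alternative second factor; `exchange_b`, which accepts only the app, does not.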
SIM swap attacks are troubling because bad actors can gain personally identifying information about you and use that to steal your crypto assets. Always ensure that you take the necessary measures to prevent falling victim to a SIM swap attack.
What to do if you are the victim of a SIM swap attack?
A SIM swap attack poses a severe threat, particularly to those in the crypto space. By understanding how these attacks work and taking proactive measures to protect your accounts, you can significantly reduce the risk. Stay vigilant, use top-of-the-line security practices, and be prepared to act quickly if you suspect an attack.