SIM-swapping fraud is real and Payfone may have a solution
Why it matters to you
Your bank account can be accessed by thieves who utilize SIM swapping.
Your cell phone can be a gateway to identity theft and now there is a new threat: SIM swapping. Fortunately, a solution is on the horizon. Mobile security provider Payfone has secured a patent involving technology that detects when a SIM card has been swapped and can notify the bank of the person whose number has been switched.
SIM swapping is not inherently bad — you may well have done it to yourself a few times in your life. It involves having a phone number transferred to a different SIM card and it usually happens when people misplace their phone and need to transfer their number to a new SIM.
The common practice becomes exploitative when hackers requests a mobile carrier to transfer your phone number to a SIM card that is in in their possession without your knowledge. Typically fraudsters involved in SIM-swapping fraud use a variety of means to cull personal information about their potential victim. Once the fraudster has the information, they use it to answer the security questions mobile carriers ask to safeguard accounts. And once the mobile carrier deactivates your phone and associates your number with the new SIM card, the fraudster can gain access to your bank account in a number of ways.
SIM swapping is a relatively new threat, but it has already claimed a number of victims. In 2016, Chris Sims (and yes, his name is a bit ironic in this context) had more than $1,500 stolen from his bank account in 75 minutes. Sims says the fraudster called his bank, Halifax, impersonating Sims in order to have his online bank settings reset. Halifax refunded Sims all the money he lost, but the experience had a lasting effect on him. “I’ve been contacted by another woman who this has happened to twice” Sims said. “I won’t be using mobile banking again.”
The Federal Trade Commission noted the number of complaints regarding people hacking into someone’s cell phone or opening a mobile account in a victim’s name more than doubled between January 2013 and January 2016.