SIM swapping is the most common scam this year. Photo: Shutterstock
One of the most well-known scams of this 2022 is the exchange of the SIM card (“SIM Exchange”). By cheating those who work at telephone companies, the scammers do it suppliers pass on our phone numbers to them to the cards controlled by them and there they can empty our Mercado Pago accounts or the online bank. But few know that there is a way to protect yourself from this.
SIM cards are integrated circuits that store your phone number, along with other sensitive data such as international line identity and a unique serial code. They are transferable between devices: just remove the card and insert it into another phone the telephone line and personal data are transferred.
Cyber security specialists claim that cybercriminals use this technique to duplicate the SIM card of their victims’ cell phones. A) Yes, can access all your personal information and, above all, use them in the verification via the mobile phone that usually everyone asks for banks when operating via the Internet.
The problem arises from the few security measures of the telephone companies. From there, cybercriminals are able to bypass any kind of security barrier through a technique called “social engineering”, which consists of deceiving through persuasion and psychological manipulation, as well as exploiting human error. In this case, why telephone companies distribute SIM cards to anyone who comes to ask for a new one.
Few people know that in addition to the phone key, the SIM card can also be protected by a 4-number brooch.
Put a PIN on the SIM – the only solution
The SIM contains the telephone line. Photo: Shutterstock
A SIM card usually comes with a default PIN, but is not used for locking purposes. The SIM card also has an unlock key Associated PIN (PUK), which is usually only used when the line is first purchased.
But the SIM card can have a key for every time the phone is turned on. In this way, if a scammer asks for a SIM with our phone and inserts it in his device, he will have to put it the key we have chosen. This way, you will not be able to log in to access our accounts.
To do this you need to access the security options of the device.
Step by step, in the configuration of the phone: put a key on the SIM
Once there you need to activate the advanced options, where it will display the SIM lock option. There you can change the pin. It’s as simple as picking a number we remember and that’s it.
As a tip, it is very important not to forget this pin, it is a good idea to write it down on a piece of paper and leave it in a safe place at home.
Second factor, the other important measure
Password and password. Photo: Shutterstock
Another of the essential security measures concerns the activation of the second authentication factor in all our accounts. While the sim swaps “bypass” this security measure, all other scams are foiled when we have this asset.
Double authentication is a security filter to protect accounts from unauthorized access. Also referred to as “2FA”, this allows a system to confirm that a person is the true owner of the account being accessed. Validation occurs through something that, in theory, only the owner knows, has or is.
This is one maximum cyber security: to log in we need something we know (a password), something we have (a security token, for example) or something we are (biometric data: fingerprint, face, etc.). Each of these is a different factor. For our account to be secure, we need at least two of these three factors.
Two passwords do not imply two factors: the factors are distinct so that it is difficult for cybercriminals to access the account, as with our password alone they will not be able to enter as they will have to be validated by our mobile phone or our fingerprint.
For this reason, whenever the application allows it, a second factor must be activated via applications such as Google authenticatorand never choose the SMS option as it is the easiest for cybercriminals when trading sims.
SL
Source: Clarin
