The FBI has published a Public Service Announcement (PSA) regarding the increasing practice of Subscriber Identity Module (SIM) swapping by criminals to steal money from fiat and virtual currency accounts. In 2021 alone, the FBI received 1,611 SIM swapping complaints with losses of more than $68 million. According to the FBI, “SIM swapping is a malicious technique where criminal actors target mobile carriers to gain access to victims' bank accounts, virtual currency accounts, and other sensitive information. Criminal actors primarily conduct SIM swap schemes using social engineering, insider threat, or phishing techniques.”
After the SIM is swapped, the criminal will have the victim’s calls, texts, and other data redirected to their device. This access provides criminals the ability to send 'Forgot Password' or 'Account Recovery' requests to the victim's email and other accounts associated with the victim's mobile number. Criminals can also abuse SMS-based two-factor authentication to login, reset passwords, and gain control of accounts associated with the victim’s number. The PSA lists several methods for individuals and mobile carriers to defend against this threat. Access the PSA Below.