In 2019, approximately 3000 Nigerians reported having their sim cards hacked monthly. We cannot say how many more went unreported. Sim hacking is done by cybercriminals who illegally access data stored on sim cards in order to steal private information for financial fraud or other mischiefs.
Here are three ways your sim can be hacked and three ways to avoid this.
Ways sim cards can be hacked
Sim cloning – in a sim clone attack, hackers make an unauthorized copy of your sim using a smart card copying software, with the aim of accessing private information such as passwords, contacts list and social media accounts. All the information contained in your sim card will then be duplicated on a separate sim card now available to the hacker at will. This hacking method will typically require the hackers to have physical access to the sim card for it to be cloned successfully.
Sim swapping – this is a more common sim hacking method. Its popularity is rooted in the fact that most hacking is done remotely. Cybercriminals first target you to steal your identity by obtaining your private information from a number of places including social media, after which they then reach out to your network provider impersonating you to convince these providers to transfer your sim card number to a new sim card. Once the sim swap is completed, the hackers can now access all the private information stored on your phone. This method is particularly problematic because these hackers can intercept attempts to change your passwords and also, make fraudulent bank transactions appear to have been genuinely authorized by you.
Sim jacking and phishing – even where hackers do not gain physical access to your sim card or perpetrate a sim swap scam, they could still hack your sim card through sim jacking and phishing. Hackers engage in sim jacking by sending links containing malware via SMS to your phone. Once you click on such links the hackers gain access to your contacts list, messages and other private information. Much like sim jacking, phishing is done when these cybercriminals having gained control of your sim card subsequently send out messages containing malware to your contacts who based on the trust they have in you, do not hesitate to open such SMS containing spyware. This in turn gives the hackers unauthorized access to your contacts’ data in a cyclical manner.
Ways to limit exposure to sim card hackers.
Research has shown that the prevalence of cryptocurrencies and the use of mobile bank apps, has led to a rise in sim hacking. Even though the most careful persons could fall victim to cyber-attacks, high net worth individuals and crypto traders, are particularly vulnerable. Cybercriminals take advantage of the weak link in two-factor authentication which requires sending an SMS to your mobile number which the hackers may be in control of.
Three ways to limit your exposure to sim card hacking include:
Passwords and 2FA apps – using a sim card password in addition to a phone password is important to frustrate the activities of hackers. More important will be to always direct your SMS to an alternate phone number where possible or use a two-factor authentication app such as Google or Microsoft authenticator. Using a two-factor authentication app will require the hackers to access not just your sim card, but your phone as well which may serve as a deterrent seeing that most hacking is done remotely.
Limit the amount of personal information posted online – because hackers have been known to source for their victim’s personal information from their social media handles, limiting the amount of private information published online such as phone numbers, email addresses or your mother’s maiden name, could limit your susceptibility to sim card hacking. Similarly, ensure that you only supply personal information to trusted organisations with reliable privacy policies.
Treating links from unknown sources with suspicion – regarding as suspicious and dealing cautiously with links from unknown sources or questionable links from known sources will greatly limit the likelihood of having your sim card hacked as such hackers will otherwise have no entry point to access your private data.
HollaTags helps businesses communicate with all kinds of customers on mobile through platforms and APIs for USSD, SMS, and Voice.