Although most consumers are aware of traditional identity theft, many are unaware of the many techniques fraudsters use to steal millions of dollars from their accounts daily. According to a recent public service announcement, the Internet Crime Complaint Center received 1,611 SIM swapping complaints in 2021, an alarming increase from the reported 320 complaints from 2018, 2019, and 2020 combined – making SIM Swap fraud one of the fastest-growing and most damaging types of fraud today.
SIM swapping, also known as phone number cloning or phone number theft, occurs when a fraudster convinces the victim’s wireless carrier to port their phone number over to a new SIM card, giving the fraudster complete access to their incoming calls and text messages. Fraudsters convince agents at the carrier to make the “swap” by using information they’ve gathered online, through phishing attacks, or by purchasing personal information on the dark web to impersonate the victim.
Since multi-factor authentication is often linked to a mobile number, once a fraudster can start receiving one-time passcodes they can drain bank, brokerage, and cryptocurrency accounts in a matter of minutes. Recent FBI stats reveal Americans lost $68M from SIM swapping attacks in 2021 alone. With 97% of Americans owning a cellphone today, SIM Swap losses will only continue to increase as fraudsters are aware of how lucrative SIM swapping can be.
The FBI recommends mobile carriers take the following precautions to protect against SIM swapping:
The FBI recommends individuals take the following precautions to protect themselves:
While the FBI offers consumers some practical information on how to protect themselves, there are ways you can systematically monitor your customer’s digital identity to help protect them-- and your business from SIM swapping fraud.
Once a fraudster has successfully ported a customer’s number over to their SIM card, they can bypass protective multifactor authentication security barriers and eventually lock the owner out entirely. While adding additional security – like app based authentication or biometrics – can help protect against these types of account take over, they also add friction to legitimate users who often choose convenience over security. SMS is ubiquitous and is often the most convenient solution for customers to add additional security to their account. Adding digital identity checks to high-risk or high-value transactions (like resetting passwords) to watch for recent SIM Swaps or ports can be highly effective in preventing these account takeovers.
As the leading authentication and digital identity player, TeleSign offers unparalleled protection. Our digital identity datasets intelligence strengthens and validates the user authentication process and evaluates fraud risks to serve as the last line of defense against SIM swapping attacks.
SIM Swap detection allows you to verify if and when a mobile phone was swapped or ported and using a dynamic risk-based assessment, we help you to determine the fraudulent intent. TeleSign’s SIM Swap monitoring blocked more than 1 billion account takeover attempts in 2021.
As we continue to rely on our mobile devices in our daily lives, the need to protect our digital footprint, personal information, and digital identity has never been more critical. Investing in additional layers of security will save you potential reputational harm, financial loss, and exhausted resources and keep your customers coming back.
To learn more about keeping customers happy, read our free eBook 'Building trust at every stage of the customer journey'.