There’s a new cyberattack, called SIM swapping, that’s being used increasingly to target digital asset holders. Not only can attackers drain cryptocurrency holdings once the SIM swap is complete, they are also able to mess up your entire life. Fortunately, there are ways to reduce the likelihood of a SIM swap happening to you.
In this article, you’ll learn how to protect your digital currency accounts from this type of attack.
What is SIM Swapping?
SIM swapping is when a hacker is able to fool your cell phone provider into believing they are speaking with you and then, instructing them to activate your SIM card on a new device. The cell provider thinks you’ve gotten a new phone, but really the hacker is stealing your mobile phone number and associating it with a SIM card that they control.
A successful attack will cause your own device to deactivate, and all your data, phone calls, texts, and any information from accounts tied to your phone number will be sent to the attacker’s phone. With all of that access and information, the attacker is now able to get access to your personal accounts, including email, social media, bank accounts, and in many cases your cryptocurrency accounts and wallets. Not only can they access them, but they may also be able to lock you out of those accounts forever.
Just think of how many accounts use your phone number as a way to verify your identity. And in many of these accounts having control of the phone number associated with them means you can activate the recovery mechanisms which will reset passwords and give the attacker access.
Maybe you haven’t associated your crypto wallets with a phone number, but they are associated with an email. In that case, all the attacker needs to do is take over your email account, which likely is associated with your phone number.
What a SIM swap Hack looks Like
A hacker doesn’t need physical access to your phone to conduct a SIM swap. In fact, they can do it from thousands of miles away. And, it doesn’t matter what type of phone you use, or who your service provider is. They are all just as vulnerable. That’s because all the attacker needs is enough personal information to convince the customer service rep at your provider that it is you calling in.
In nearly all cases, you’ll never know a SIM swap is being done until you’re locked out of your phone. And in many of these cyberattacks, the attacker will also have you locked out of your email and other online accounts within minutes.
The first indication you’ll get of a SIM swap being performed is when you are suddenly unable to receive texts or calls. You may also be be unable to log into your online accounts or you may receive an SMS from your provider informing you your SIM card has been activated elsewhere.
Worst cases are you end up like Sean Coonce, who lost north of $100,000 from his Coinbase account in a SIM swap attack last May. Or even worse, like Seth Shapiro, who lost $1.8 million to hackers in a SIM swap. Or like Michael Terpin, whose SIM swap attack reportedly cost him $24 million.
Preventing a SIM swap Attack
There are several steps you can take to minimize the chance of becoming a victim of a SIM swap attack. These include:
- Beware of phishing scams
- Reduce excessive personal data online
- Protect your accounts (PIN, 2FA, security questions, strong passwords)
- Decentralize your online footprint
Stop Hackers in their Tracks
If you really want to protect your crypto holdings from this type of attack the very best way is to use a separate phone for your digital asset accounts. This phone number shouldn’t be used anywhere else online, and the number shouldn’t be shared with anyone.
In addition to using a second phone for cryptocurrency exchange accounts, you should always move your funds out of any online exchange and into an offline wallet. The best choice is to use a hardware wallet like the Ledger or Trezor.
To keep up-to-date with all the latest developments in bitcoin and blockchain, subscribe to Bitcoin Market Journal today!