FCC wants carriers to be tough on SIM card hijacking and outbound port fraud

FCC wants carriers to be tough on SIM card hijacking and outbound port fraud

In order to protect wireless carrier customers, the FCC announced Thursday that it has launched a "formal rule-making process" called Notice of Regulatory Proposal (NPRM) to end the practice of SIM card hijacking. and port-out fraud. This is just the start of what could be a one or two year quest to implement new rules that would require a majority vote of the FCC commissioners.
SIM card hijacking occurs when a smartphone user has their SIM card transferred to another device owned by the wrong actor without the user's permission or even without the user's being aware of it. The FCC also tackles port-out fraud, which is when a malicious actor opens an account with a different operator than the one used by the victim. The bad actor then convinces the new operator that the victim wants to transfer his phone number to their company.

SIM card hijacking and port-out fraud can drain your bank account

Port-out fraud requires the wrong actor to obtain customer identification (like the last four digits of their social security number) in order to present themselves as the victim. The bad actor then opens a new account in the victim's name using the stolen phone number and orders expensive devices to be shipped to a new address. This plan often requires the help of an insider who works for the carrier but who has been bribed to participate in the illegal acts.

SIM card hijacking and port-out fraud have both been used in some high-profile cryptocurrency thefts, and earlier that same year T-Mobile was sued by the victim of a similar crime. After all, traders don't usually have any concerns about exchanging SIM cards, as there are legitimate reasons for exchanging. For example, your current card may be damaged or a customer buys a new phone using a different size SIM card.

In a press release, the regulatory agency announced that “The FCC has received numerous complaints from consumers who have experienced significant financial distress, inconvenience and harm as a result of a SIM card swap and port-out fraud. In addition, recent data breaches have revealed customer information that could potentially facilitate the performance of these types of attacks. "

FCC wants carriers to confirm customer identities before making changes to their accounts

In a tweet, the FCC wrote that it had "approved a proposal to tackle SIM swap scams and porterage fraud, which bad actors use to steal consumers' cell phone accounts without ever taking it." physical control of a consumer's phone ”. As part of the proposals, the FCC wants carriers to use secure methods to confirm a customer's identity before moving their phone number to a new device or carrier.

The scary part of these scams is that the victim often has no idea that they are getting scammed until it is far too late. If your phone suddenly lost service, there could be some innocent reason why it happened, or you could be the target of a scam. If you receive a message from your carrier indicating that changes are being made to your account that you have not authorized, call your wireless service provider immediately.

The FCC also suggests that you call your carrier and add a password or PIN to your account to verify your identity. Port-Out fraud requires the wrong actor to convince the carrier that they are you, so don't give out any personal information to anyone who calls and texts you asking for that data. The FCC says you should be especially careful when giving "the last four digits of your social security number, phone number, date of birth, make and model of your car, your pet's name or your mother's maiden name ”.

★ ★ ★ ★ ★

Also read