The FBI is warning consumers about SIM swapping, a resurgent identity theft scam perhaps best known for having once duped Block CEO Jack Dorsey in 2019.
The scam isn’t new, but cases are skyrocketing: The FBI says that victims lost $68 million to this SIM-card based scam in 2021, compared to just $12 million in the three-year period between 2018 and 2020.
Here’s what to know about SIM-swapping and how to protect yourself.
How the scam works
The scam has a few steps. First, a scammer acquires personal details about the victim either by impersonating telecom company employees through phishing emails or phone calls, or by buying the information on the dark web, where stolen personal information is traded or sold by organized criminals.
This data isn’t hard to find, either. With countless company data breaches over the years, millions of Americans have some of their personal information on the dark web, from their Social Security number to their date of birth.
Next, the scammer calls the victim’s phone service provider. Using the victim’s stolen personal information, the scammer will report the victim’s SIM card as lost or stolen. While many telecoms try to prevent identity fraud through the use of a secret personal identification number, or PIN, often the scammer is able to convince the phone provider that they simply forgot their PIN and need a new one, too.
If the impersonation works, the scammer will ask the phone provider to transfer the victim’s phone number over to a new…
