Cloned SIMs, beware of the new scam that empties your account

A new scam targets phone SIMs and allows hackers to steal all the money from your bank account: how it works

The cases of "SIM Swap Scam" are growing, also in Italy, that is the frauds related to the cloning of phone SIMs with which cyber criminals can empty our bank account. As pointed out by the Italian software house Soft Strategy, these are very elaborate scams and not within the reach of all the criminals of the Web, but nevertheless their number is increasing.

Phenomenon born in the U.S., but widespread in Italy since 2015, the SIM Swap Scam can have disastrous effects: sometimes users have seen themselves subtracted, overnight, tens of thousands of euros from their bank account. Paradoxically, then, the boom of frauds related to cloned SIMs depends on the strengthening of some security measures of online current accounts, such as the use of the phone number as a second authentication factor (the so-called software token) instead of the old "keys" (the physical tokens). As usual, though, it all starts with collecting our personal data present online and stealing our identity.

How the cloned SIM scam works

Cloning a SIM for illicit purposes is not super easy, but as we've already seen it can pay off big time. It starts by collecting a user's personal data, usually from social networks, and looking for their phone number. Then, thanks to counterfeit documents, the phone operator is asked to issue a new SIM card (usually claiming to have lost it or that the phone has been stolen). At this point the scam is almost done: from the cloned number you call the bank to ask for credentials to access the online account. The bank often takes the bait, because the call comes from the number registered in their systems and is also the second authentication factor chosen by the user. Once the cybercriminal has access to the account, he empties it in a matter of minutes.

How to defend yourself against the cloned SIM scam

The first symptom that lets us know that our SIM has been cloned is the fact that it no longer works: it doesn't connect to the phone network, it doesn't send SMS, it doesn't connect to the Internet. At this point, unfortunately, it may already be too late. Better to prevent: avoid declaring too much personal information in your online profiles, especially those of social networks, to prevent the automated collection of our data. Personal information, unfortunately, can also be extracted from malicious or infected apps, so we need to be very careful about what we install on our smartphones. Finally, at least for the most important sites such as those of online banks, it is useful to have a hardware security key so as not to use your cell phone as a second authentication factor.