A recent spate of SIM swap attacks has targeted Friend.Tech users, with the hacker stealing 234 ETH worth over $382,000.
With the perpetrator still at large, users should remain vigilant. Thankfully, there are some security best practices you can follow to minimize the risk of SIM swapping.
Blockchain sleuth Zach XBT has noticed that recent hacks seem to originate from a single malicious actor who has transferred funds to 2 crypto wallets.
SIM swapping refers to a type of cyber attack whereby hackers take over your cell number in order to bypass two-factor authentication (2FA).
Such attacks take advantage of the ability to port a number from one SIM card to another, allowing hackers to dupe 2FA protocols even though they don’t have control over your mobile device.
With SIM-based 2FA popular among crypto wallets, internet banking, and mobile money apps, SIM swapping poses a serious threat, and it is important to know how to protect yourself.
The best way to protect your crypto and financial accounts is to prevent malicious actors from gaining control of your cell number in the first place.
Whether you use Fiend.Tech or not, to help protect yourself from SIM swap attacks, it pays to follow these four security tips.
Depending on which country you live in, mobile network service providers have different duties and obligations when it comes to protecting their customers.
However, regardless of where you live, most providers can put protections in place to ensure that only the account holder is able to port a number from one SIM to another.
It is worth keeping in mind that not all providers enforce additional security measures by default, so you may need to get in touch or change your security settings if you want to enable password protection or enhanced identity verification for SIM port requests.
These days, more secure multi-factor authentication methods are increasingly replacing SIM-based 2FA.
Rather than simply relying on passwords and SMS verification, the most secure verification technologies incorporate device data and biometric authentication to ensure that only you can gain access to your accounts.
Although biometric authentication isn’t the default verification method for many applications, it should always be enabled if you want to ensure maximum protection.
For hackers to carry out a SIM swap attack, they must first convince your mobile network operator to port your number.
To do this, they need to convince someone who works for the operator that they are, in fact, you, usually by presenting them with sufficient personal information.
In 2023, phishing is one of the most common ways for malicious actors to collect identifying information, including your passwords, address, phone number and email address.
Avoid phishing by never clicking on suspicious links or attachments and by always checking that the organization asking you for personal information is who they say they are.
Remember that emails, text messages, and WhatsApp chats can all be manipulated to make it appear as if they come from a legitimate organization. If in doubt, double-check with the organization to confirm what their official website and/or contact details are.
As well as remaining vigilant against phishing threats, you can protect your personal information by getting into the habit of only sharing it when absolutely necessary.
For example, when divulging your personal details, question whether you need to share your full name, email address, and phone number every time. If not, limit the information you share to the bare minimum.