In an effort to protect customers of wireless carriers, the FCC
on Thursday announced that it has started a “formal rulemaking process” called The Notice of Proposed Rulemaking (NPRM) to stop the practice of SIM Hijacking and Port-Out fraud. This is just the beginning of what could be a one or two-year quest to implement new rules which would require a majority vote from FCC commissioners.
SIM hijacking is when a smartphone user has his or her SIM card transferred over to another device owned by the bad actor without the user’s permission or even awareness. The FCC also is cracking down on Port-Out fraud which is when a bad actor opens an account with a different carrier than one used by the victim. The bad actor then convinces the new carrier that the victim wants to port his phone number over to their company.
SIM hijacking and Port-out fraud can empty your bank account
Port-Out fraud requires the bad actor to obtain some piece of the customer’s ID (such as last the last four numbers of their Social Security number) in an effort to portray himself as the victim. The bad actor then opens a new account in the victim’s name using the stolen phone number, and orders expensive devices to be shipped to a new address. This plan often requires the help of an insider who works for the carrier but who has been bribed to participate in the illegal acts.
FCC announces it plans to combat Port-out fraud and SIM hijacking
SIM Hijacking and Port-Out fraud have both has been used in some high-profile cryptocurrency thefts
, and earlier that same year T-Mobile
was sued by the victim of a similar crime. After all, swapping SIM cards usually doesn’t raise any concern among carriers since there are legitimate reasons to make a swap. For instance, your current card could be damaged, or a customer purchases a new phone that uses a different-sized SIM.
In a press release, the regulatory agency announced that “The FCC has received numerous complaints from consumers who have suffered significant distress, inconvenience, and financial harm as a result of SIM swapping and port-out fraud.In addition, recent data breaches have exposed customer information that could potentially make it easier to pull off these kinds of attacks.”
FCC wants the carriers to confirm customers’ identity before making changes to their accounts
In a tweet, the FCC wrote that it had “approved a proposal aimed at combating SIM swapping scams and port-out fraud, which bad actors use to steal consumers’ cell phone accounts without ever gaining physical control of a consumer’s phone.” Under the proposals, the FCC wants the carriers to use secure methods to confirm a customer’s identity before porting out his/her phone number to a new device or carrier.
The scary part about these scams is that the victim often has no idea that he/she is being ripped off until it is much too late. If your phone has lost service all of a sudden, there could be an innocent reason why it happened, or you might be the target of a scam. If you receive a message from your carrier stating that changes are being made to your account that you didn’t authorize, call your wireless provider immediately.
The FCC also suggests that you call your carrier and have a password or PIN number added to your account to verify your identity. The Port-Out fraud requires the bad actor to convince the carrier that he is you, so do not give away any personal information to anyone who calls and texts you requesting this data. The FCC says that you should be especially careful giving away “the last four digits of your Social Security number, your phone number, your date of birth, the make and model of your car, your pet’s name, or your mother’s maiden name.”