SIM Swapping - Is It Really Fraud or Just The Wrong Term?
Posted by Darla Mack
A few weeks ago I came across a Tweet from the FCC discussing how sim-swapping is fraudulent behavior.
SIM swapping is when someone hijacks your mobile number to gain access to your texts and calls for identity theft scams. If you have a sudden loss of service, contact your phone company and bank immediately. For more info, visit: https://t.co/QaL4moF95S #ProtectingConsumers
— The FCC (@FCC) August 26, 2021
It kind of baffled me because years ago, SIM Swapping was just that.... the swapping of sim cards from and to a device for the sole purpose of being able to use said device. Prior to the BYOD or "Bring Your Own Device" era which I'm so glad that finally came to fruition, the act of sim-swapping was done in order to either use more than one device and still keep your mobile phone provider. Travelers also engaged in SIM swapping in order to use the provider of the country that they are visiting, as long as their device was compatible. This was the best way to not incur roaming charges. As bloggers, we always had more than just one device being used at a time. In order to test them with our providers we had to switch the sim card out and put it into the device we were going to use. That was only done with GSM devices, since CDMA and TDMA devices were already programmed for their respective networks.
What I'm not understanding is how did the term go from a positive to a negative? While I'm fully away of the seriousness of fraud, I don't fully agree with the FCC's definition nor meaning. According to the FCC website, SIM-Swapping is explained as:
"Another way to perpetrate this scam is to physically steal the victim’s SIM card, a removable device in some mobile phones that carries a unique ID and stores the consumer’s personal data. The scammer can then use the stolen SIM card in their own mobile device.
In either case, the scammer can gain control over the victim's private texts and calls, and may then try to reset credentials for the victim's financial data and social media accounts. If successful, the scammer can drain the victim’s bank accounts and sell or ransom their social media data."
Back in the day we swapped sim cards for the very purposes that I've explained. But reading the information on the website still leaves me a bit baffled.
- Firstly, according to the above, if one physically removes the victim's SIM card what are they replacing it with? In order for it to be a "swap" another SIM card would be needed to replace the one removed, no?
- Secondly, a SIM card is NOT a removable device. A SIM card or Subscriber Identification Module card is a memory chip that assists in connecting you to your providers network. It does also contain information about you as a customer, but you can control some of the information that is stored on your SIM card. Depending on the device you have there are ways to select what is stored on the card and what is stored on the phone.
- Lastly, the scammer can only use the stolen SIM card IF the victim has not put a SIM lock on it. Because we always swapped SIM's for good reasons, we almost never saved or stored information such as Contacts/Address Books to our SIM's. Instead we stored them to the devices because before the cloud we stored all content to our computers. I guess that became just the normal practice for me.
Again, not to deflect from the severity of fraud in general I just think that maybe a better terminology should be used. But like everything else... that's just my opinion.
Recent Comments