Student Receives 10 Years in Prison for SIM-Swap Scam | How to Make Sure Your Mobile is Safe
A few weeks ago, we brought you news about how PayPal accounts had become a target for phishing scams. This week, unfortunately, we’ve got more information about how your mobile wallets and casino accounts could be at risk.
This week, a 21-year-old American student has received a ten-year sentence, after stealing $7.5 million worth of cryptocurrency, via a SIM-swapping scam.
If you don’t know about SIM-swapping already, it is essentially a scam which hackers use to gain access to your mobile number. Then, with this information, they can log in to your online banking apps and e-wallets, with the aim of stealing your funds.
Read on to find out more about this particular case, all about SIM-swapping, and how to make sure you don’t fall victim to this insidious type of hack.
The Case Details
On Monday, the Santa Clara County’s District Attorney’s Office accounted that Joel Oritz had hacked the mobile phone of at least 40 individuals. Oritz was said to be a ‘prolific’ SIM swapper.
The student stole a total of over $7.5 million worth of cryptocurrency and, in one crime, stole over $5.2 million ‘in minutes’.
Oritz was taken into custody last year and accepted ten felony theft charges. Now, after two hearings, Oritz has been sentenced for ten years, making him one of the first people in America to be convicted of SIM swapping. The Judge at the trial said:
‘These [people] are crooks who use a computer instead of a gun. They are not just stealing some ethereal, experimental currency. They are stealing college funds, home mortgages, people’s financial lives.’
What is SIM Swapping?
If you use your smartphone to gamble online, for mobile banking or for storing cryptocurrency then you need to be very aware of SIM swap scams.
Essentially, a SIM swap scam is when someone convinces your mobile network to switch your phone number over to a SIM card they have.
In doing this, they can access your authorization text messages (which you may receive from your bank or other mobile payment services). Then they can use this information to access your sensitive accounts and, eventually, steal your money and personal information.
How Does SIM Swapping Work?
A SIM Swapping scam can be broken down into the following steps:
- A mobile hacker will collect as much information about the victim as possible. This may be done by sending the victim a phishing email, surveying social media or by purchasing sensitive information from the deep web.
- The hacker then calls the victim’s mobile network and claims that they need a replacement SIM card.
- When the mobile network asks for security information to complete the SIM card swap, the hacker uses the information they’ve already collected.
- Once the SIM swap is complete, the hacker then has access to all of the victim’s text messages.
- Often, many banks and wallets will send you an SMS code to verify changes of password and transfers. As the hacker now has access to these codes, as they are receiving your text messages, they can log-in as you and steal your funds.
How to Spot a SIM Swap Scam
Unfortunately, if you do fall victim to a SIM swapping scam, you’ll only really be able to spot it until it’s already been completed. Victims usually realise they have been hacked when their phone loses network, or when they do not receive a security code, after having requested one.
In these cases, you need to act fast. Contact customer support as soon as possible and ask to deactivate online and mobile services. You’ll also need to change all your passwords again, and ask for security codes to be sent to a different mobile number.
How to Protect Yourself Before Its Too Late
We know this article has been a bit doom-and-gloomy so far, but the good news is that there’s plenty of ways you can protect yourself from a SIM swapping scam. Below we’ve listed five of the most important security measures any online gambler should take.
Be Cautious When Sharing Personal Details
This one may sound obvious, but one of the most effective ways to protect yourself from any type of online scam is to be careful when sharing sensitive details.
Never give away more information than you need to, and always make sure you do so via a secure connection.
In addition, keep your social media profiles private and implement passwords which aren’t connected to any personal details, i.e don’t use your mother’s maiden name or your date of birth.
Ask Your Bank for a Physical Security Token
Many banking apps and mobile payment services now provide text-based two-factor authorization methods as they think it’s easy for the customer. In theory, this is great as it means you can do everything from one device.
That being said, if you’re concerned about SIM swapping scams, you should ask for a physical security token. This may be a card reader or a plug-in dongle.
You can also implement Touch ID and other biometric security features on your devices and apps. Both of these methods help to prevent scams as they give you an extra layer of security and aren’t something that people can steal via the internet.
Invest in Cold Storage
If you own cryptocurrency, then one of the biggest safety measures you can take is to invest in cold storage. Cold storage refers to keeping your cryptocurrency offline, and off your mobile devices too.
Cold storage options include printed wallets, external hardware and USB flash drives.