SIM jacking mobile phones are on the rise in the UK
How hackers can steal your PHONE NUMBER: “SIM Jacking” allows criminals to take SIM cards to plunder bank accounts – and it’s increasing in the UK
- Fraudsters obtain codes from operators to switch numbers to another device
- Since April, more than 300 fraudulent attempts to obtain code have been made
- However, in the previous year there had only been a total of 99 similar cases
- Author Jack Monroe had stolen £ 5,000 from her bank account due to SIM hacking
According to new figures, the SIM card of others is increasing in the UK in an attempt to steal personal information.
According to the Information Commissioner’s Office (ICO), according to the Information Commissioner’s Office (ICO), there have been 300 reports of fraudsters who have obtained codes to transfer phone numbers to a new phone.
Dodgy practice means that criminals obtain a code from a person’s network operator that allows them to switch their victim’s mobile number to another phone.
Once they have gained control of the victim’s telephone number, they can continue to focus on them, often for financial gain.
Since April, more than 300 fraudulent attempts have been reported to gain access to porting authorization codes
WHAT IS SIM JACKING?
SIM Jacking is a fraudster who steals someone else’s phone number
When someone breaks their phone, they usually just have to contact their provider to get a Porting Authorization Code (PAC)
With a PAC, mobile phone users can take their old number with them when you change service providers.
Fraudsters hijack this service by switching the victim’s phone number to another phone, even on another network.
The practice offers criminals control over other people’s telephones and access to their personal information
From July 2019, telephone users can change their mobile network by sending a free text message – but they want to switch to the telephone number.
Criminals who are sufficiently armed with sufficient knowledge of the personal data of the mobile phone user can fool network operators to give them this all-important code, called a Porting Authorization Code (PAC).
The perpetrators must have as much information as possible to pass on the security authorization to the network operator and to obtain a PAC, including name and date of birth, often obtained via phishing emails.
Once this is obtained, the hijacker can gain control of personal information stored on a SIM card, such as identity, messages, and personal security keys – and ultimately steal money.
Figures obtained from the ICO through New scientist shows that since April 2019 there have been more than 300 reported cases of attempted fraudulent PACs.
The ICC had already revealed last month that there had been 399 SIM jacking cases since early April 2018, suggesting that most incidents occurred in the last nine months.
These figures suggest that the popularity of the technique to make fraud possible has become increasingly popular among criminals in a short time and such incidents can continue to rise.
A PAC is normally 9 characters long and has the format ‘ABC123456’.
Phone users can request one for free by simply sending an SMS to the number they want to transfer to another device.
Some operators such as EE and Vodafone allow users to obtain a PAC from a telephone number other than that associated with the number they want to switch, such as a landline.
However, a Vodafone employee has confirmed to MailOnline that a customer must provide a code that is sent to the mobile phone connected to his account if he wants to obtain a PAC.
In October, food writer Jack Monroe said she lost around £ 5,000 after her phone number was stolen in October.
“It looks like my card details and PayPal information have been deleted from an online transaction,” she tweeted.
PAC codes allow someone to move a mobile phone number to a new device, but the process can also be carried out by criminals armed with sufficient personal information
‘The telephone number has been transferred to a new SIM card, which means that crims bypass access / authentication and authorize payments.
‘I don’t use publicly available e-mail addresses on my financial accounts; my passwords are gobbledegook letters and numbers and special characters; I have 2-step verification on all my accounts.
“I am absolutely absurdly paranoid about security.”
“SIM swap fraud is devastating, as we’ve seen with Jack Monroe,” Pat Walshe, Privacy Matters Advisor to New Scientist, said.
“There is evil there. You should not only think in terms of financial damage, there is the fear and there is the suffering that this causes, the absolute discomfort while you are without your phone.
The ICO has so far identified 11 of the PAC fraud cases since it was confirmed last April that it concerns SIM jacking.
‘We do not know which operators have reported what and we do not know whether the fraudulently obtained PACs are in fact SIM swap fraud. We can only assume that it is, “Walshe said.