Hackers are taking advantage of phone carriers’ vulnerabilities
Last year, a group of professors and Ph.D. from Harvard and Princeton University published a scathing report entitled, “An Empirical Study of Wireless Carrier Authentication for SIM Swaps.” The lead investigators discovered that five major U.S. wireless carriers — Verizon, AT&T, T-Mobile, Tracfone and US Mobile — all used insecure authentication methods for SIM swapping.
The report’s authors said that the carriers’ poor verification protocols could easily be subverted by malicious actors, which is why many hackers successfully stole victims’ phone numbers and took over their accounts over the years.
SIM swapping isn’t new, but it’s catching authorities’ attention as the practice becomes more prevalent in the cryptocurrency space. Just last month, a teenager stole $36 million in cryptocurrency using this fraudulent method. Unfortunately, once you’re a victim of a SIM swapping attack, seeking recourse is difficult. Thankfully, there are ways you can safeguard your crypto account to prevent SIM hijacking.