The FCC this week is calling on carriers to improve their security protections for SIM-swap and port-out attacks. While carriers are unlikely to follow suit in a timely fashion, there are steps you can take to reduce your risk of falling victim to these attacks.
SIM-swap attacks occur when hackers trick your carrier into putting your number on a new SIM. A port-out attack occurs when hackers created a new carrier account under your name. Both methods allow hackers to receive two-factor authentication codes, which they can use to gain access to other personal information and accounts. Because they have access to the 2FA, it’s very difficult to prove your identity in this situation.
Because of how devastating these attacks can be, the FCC wants carriers to use better protections to ensure SIM-swap and port-out attacks cannot happen. Until then, there are steps you can take to prevent these attacks on your own. Set a PIN or password for your account, if your carrier allows you to. You should also use an authenticator app, rather than SMS, and don’t fall for any communication asking for personal data.