English 
Русский 
简体中文 
Português do Brasil 
Français 
Español 
Türkçe 
Polski 
Tiếng Việt 
한국어 
Nederlands 
Italiano 
日本語 
Eesti 
Čeština 
മലയാളം 
Bahasa Melayu 
हिन्दी 
اردو 
Bahasa Indonesia 
Safe WebSIMjacking, also known as SIM swapping and SIM hijacking, is a hacking technique used to gain access to a user’s mobile phone carrier’s account by swapping an existing SIM card with a fraudulent one. This technique is typically used by criminals to intercept text messages and obtain access to the victim’s bank accounts and other private information.
SIMjacking gained widespread attention in 2019 when it was used to steal millions from cryptocurrency users. In this attack, criminals would use the stolen SIM cards to access cryptocurrency wallets and transfer the funds out of the wallets without the owner’s knowledge.
The term “SIMjacking” is derived from the process of fraudulently swapping out a SIM card that originally belonged to the victim. A common attack vector in SIMjacking attempts is to gain access to the victim’s telephone number, allowing the attacker to access the victim’s phone network, sending malicious text messages, and more.
SIMjacking is achieved by a variety of methods, including social engineering, caller ID spoofing, and malware. Attackers can use caller ID spoofing to call the victim’s mobile carrier, impersonating the legitimate user, in order to gain access to the SIM card. Alternatively, attackers can use various malware, including phishing, man-in-the-middle, and other malicious methods, to gain access to the victim’s telephone network.
SIMjacking can be mitigated with the appropriate tools and countermeasures. One way is to use Two-Factor Authentication (2FA) to protect accounts. Another way is to remain vigilant of any suspicious activity, such as unexpected text messages from strange numbers, and to deny any unsolicited requests for information such as account numbers or passwords.
Due to the prevalence of SIMjacking, mobile phone companies are now taking steps to better protect their customers from this type of cyberattack. This includes implementing stricter security measures when closing accounts and requiring customers to answer additional security questions. Additionally, carriers are introducing stronger authentication requirements, such as device pin codes, for customers who wish to access their accounts online.
By following these security measures, users can significantly reduce the risk of SIMjacking.
