According to the Australian Institute of Criminology the annual impact of identity theft exceeds a whopping $3.1 billion (up from $2 billion in previous years), and that’s only expected to grow. It’s also a key enabler of serious and organised crime, which costs Australia around $36 billion annually.
SIM swaps and porting fraud are a particularly dangerous form of cyber crime. Phone porting is a legitimate service that lets you transfer your mobile number and SIM card information from one telecommunications provider to another without changing or losing your original number. However, hackers can exploit this service, instead using it to change your phone details without your knowledge. This gives them easy access to important information like your online banking and eCommerce stores.
So let’s take a look at SIM swap and porting fraud, and how you can make it harder for criminals to steal your identity and hard-earned cash.
How scammers steal your identity with SIM swaps and porting fraud
When it comes to SIM swaps and porting fraud, scammers aim to use this form of identity theft to take control of your accounts and services. With the increasing use of pins and passwords that are sent to your mobile number (commonly referred to as one-time codes), if a scammer can get access to your mobile service, and the messages sent to you, then they can potentially access your accounts. A tell-tale sign that cyber criminals have access to your mobile number is if your phone is displaying ‘SOS only’ where reception bars usually appear.
By the time a scammer has access to your mobile service, they’re already busy at work collecting enough personal information to pretend to be you. They will have nabbed your phone number, bank account information, as well as identification information and documents.
How to keep your business safe
Protecting any personal or sensitive information is the first step in preventing identify theft. But when that fails, it helps to put up one more barrier as a last line of defence against cyber crime.
One way you can strengthen your security is to implement multi-factor authentication (MFA). In simple terms, MFA combines multiple layers of verification to help institutions protect and prevent a criminal form accessing your account, even if they manage to steal or guess your password. Here’s how you can get started with MFA if you haven’t already.
Many platforms that handle sensitive data – like your accounting apps or online store provider – have strong authentication processes. Still, some fraudsters can use these channels to gather enough personal and account information and persuade you to give up your one-time codes in order to pass authentication. From there, they can access other accounts including your bank accounts, eCommerce platforms, and investment or crypto currency wallets.
This is where extra protection can help stop this train of fraud in its tracks. Where possible, and in addition to MFA, select additional defences for your apps like Facial Biometrics and a PIN.
Protecting your business from SIM swaps and porting fraud doesn’t have to be big a task, but it’s important to be thorough. Our article on how to plan and recover from a potential cyber attack can help you stay one step ahead. Aside from enabling MFA and investing in any extra layers of protection you can, consider looking into the ways con-artists can hack your business.