What is SIM swapping? Best Ways to Protect Your Crypto (2024)

A SIM swap scheme deceives your mobile carrier into redirecting your texts and calls to a fraudster, which includes vital codes for password recovery and account verification. Should a SIM swap breach your social media or financial accounts, the ramifications can be severe. Educate yourself on SIM swapping and strategies to mitigate SIM swap attacks in the realm of cryptocurrency.

What is a SIM Card?

A Subscriber Identity Module (SIM) card serves as a detachable element found in the majority of mobile devices. Installed by your cellular provider (such as Verizon or AT&T), it establishes a connection between the device and the user, along with their phone number.

The SIM card is interchangeable, allowing it to be transferred between devices, or the information (including the phone number) stored on one SIM card can be migrated.

What Is a SIM Swap Attack?

A SIM swap attack occurs when a malicious individual obtains your SIM card details and transfers them from your device to theirs. While this can occur if they physically steal your phone and remove the SIM card, it’s more commonly executed remotely.

To carry out a remote SIM swap, the attacker typically contacts your mobile carrier or visits one of its physical locations, posing as you. They might have acquired personal information about you through previous hacks or have an insider within the company whom they can contact to request the transfer of data. Each mobile carrier has its own set of protocols for transferring a SIM to a new device.

Once the attacker persuades a customer support representative at your carrier to transfer your SIM card, they seize control of your phone number. Consequently, they receive all calls and text messages directed to that number. Moreover, they gain access to all applications installed on your phone, including social media and financial apps.

Sim swapping meme

How to Tell if Your a Victim of SIM Swapping?

Can't make calls or send texts

If you find yourself unable to place calls, send texts, or access mobile data, it’s an indication of a significant issue with your network connection.

This could stem from a routine service disruption, or it could signal a more serious problem, such as unauthorized transfer of your phone number.

Unauthorized transactions

The primary objective of a SIM swap attack frequently revolves around draining the victim’s crypto wallet. If you receive notifications regarding transactions you didn’t authorize, it may be indicative of a SIM swap incident.

In such scenarios, aside from contesting the unauthorized transactions and fortifying your crypto accounts, it’s crucial to regain control of your number.

Unable to access accounts

The initial action of SIM card hackers typically involves locking you out of your accounts by altering the passwords. Additionally, certain accounts may automatically restrict access as a security precaution following multiple suspicious login attempts. Consequently, the loss of access serves as a clear indication that someone is either attempting to compromise your accounts or has already done so. Immediate action should be taken to secure them.

Swim Swapping

How to Avoid SIM Swap Hacks

Now, setting jokes aside, let’s delve deeply into potential strategies to prevent malicious actors from absconding with your hard-earned bitcoins.

Authenticator Applications

Many internet platforms now provide authentication as an additional security layer. This process entails utilizing distinct codes to validate user requests, such as logins and withdrawals. These unique codes are either sent to the user’s email or mobile number, or retrieved through Authentication applications like Google’s 2-Factor Authentication. Most platforms offer users the flexibility to select their preferred authentication method.

Don’t Doxx Yourself

Doxxing involves exposing personal information, typically by an unauthorized individual.

However, individuals can also inadvertently doxx themselves, such as by claiming a previously anonymous profile. Doing so reveals crucial information and ownership proof of associated accounts, which can increase vulnerability to SIM swap hackers.

As a crypto investor, your wallet address offers inherent privacy, as transactions aren’t linked to personal identities. However, voluntarily disclosing ownership of known crypto addresses, smart contracts, or projects makes you a target for sophisticated hacking attempts, extending beyond SIM swaps to more advanced social engineering attacks.

Whenever possible, it’s advisable to maintain significant anonymity and refrain from sharing personal details online, including your crypto wallet address. If you must reveal such information, understanding the associated risks and implementing effective risk-management strategies is essential to safeguard yourself.

MFA (Multi-Factor Authentication)

Enhance your profile security by implementing Multi-Factor Authentication (MFA), which requires users to provide additional information beyond their password. While not available on every platform, strive to integrate multiple verification steps.

Although this may add some inconvenience to the sign-in process, it significantly bolsters your account’s protection in case a hacker circumvents the initial security layer. In addition to your password, contemplate incorporating one or more authentication factors.

PIN codes

Ensure to update your phone’s default SIM pin by configuring a PIN or password manually within your phone’s settings. Additionally, numerous carriers provide Number Transfer PINS, which activate when a SIM change is initiated. Consequently, if someone attempts a SIM swap, they’ll require your PIN first, regardless of any other details they may possess.

Easy Crypto NZ | Buy Crypto on an safe to use platform

Easy Crypto is New Zealand’s largest and most popular cryptocurrency retailer, making it ‘safe, smart, and easy‘ for Kiwis to buy and sell over 160+ cryptos including Bitcoin in NZ.

Famous Example Of SIM a Swap Attack

Vitalik Buterin’s Twitter Account Hack

Even a cryptocurrency investor who doesn’t typically engage with Non-Fungible Tokens (NFTs) would hastily seize the opportunity to claim a complimentary NFT offered by Ethereum’s founder, Vitalik Buterin. This was the ploy employed by SIM swap hackers when they successfully breached Ethereum Founder’s X account on September 9, 2023.

Zach crypto sim swap

The malicious link, leading to a deceptive website, enticed investors with the promise of claiming a commemorative NFT issued in collaboration with Consensys, the MetaMask wallet development team. To obtain the NFT, users were instructed to connect their wallets to the platform. Once connected, wallets were emptied of their valuable cryptocurrency assets, including NFTs and other fungible tokens. Despite efforts to warn investors promptly, losses continued to mount. Crypto investigator ZachXBT reported over $690,000 in stolen assets, with NFTs accounting for over 70% of the total.

sim swap scam
Cryptocurrency NZ Logo

Cryptocurrency NZ Final Verdict

The mobile SIM card serves as a gateway to vast personal information, which is why SIM swap hacks are concerning. We’ve explored potential strategies for cryptocurrency investors to safeguard against threats and manage a SIM swap incident.

Even if you haven’t experienced a SIM swap, it’s wise to fortify your accounts following the outlined steps. Additionally, exercise caution when encountering enticing offers or giveaways promoted by popular figures, and conduct thorough research before connecting your cryptocurrency wallet to any associated platforms.

Table of Contents

Disclaimer: All content in this guide is intended for educational purposes only and should not be interpreted as financial advice. As an individual, you are entirely responsible for how you conduct your investments and manage your cryptocurrency interests. It is exclusively your own responsibility to perform due diligence and Cryptocurrency NZ recommends taking extreme care and caution with crypto and are not responsible for the outcomes, management, or oversight of your activities.