The cloning of SIM cards increases in the region
SIM card cloning on the rise throughout Latin America
Thefts of up to $2,500 per victim are recorded.
The ‘SIM swap,’ popularly known as the “cloning of SIM cards,” is a fraud widely used by cybercriminals in Latin America, the cybersecurity company Kaspersky Lab warned this week.
“The technique itself is a legitimate resource used when a smartphone is lost or stolen, allowing the owner of the device to activate the same number on another SIM card. However, criminals are taking advantage of this practice to trick mobile operators into transferring the number of a stolen device to a new SIM card,” the company reports.
A joint investigation by Kaspersky Lab and Mozambique’s CERT found that attacks like these have spread around the world and are used by cybercriminals not only to steal credentials and obtain one-time passwords (OTPs) sent by SMS but also to steal money from their victims.
Mobile payments have become very popular, especially in emerging markets such as Africa and Latin America, because they make it easier for consumers to deposit and withdraw money, as well as pay for goods and services, via a mobile device.
However, mobile payments are currently the target of a wave of attacks that has cost many people money, all due to the large-scale cloning of SIM cards.
The fraud begins when the scammer obtains details of the victim through phishing emails, social engineering, a data leak or even by buying information from organized crime groups. Once the necessary information is collected, the cybercriminal contacts the mobile service provider, posing as the victim, so that the provider transfers the phone number to the fraudulent SIM card and activates it. When this happens, the victim’s phone loses its connection to the network, and the scammer receives all the SMS messages and voice calls addressed to the victim, which makes every service that relies on the phone number as a second authentication factor vulnerable.
Highlighting the impact of this type of attack, in Brazil alone an organized group was able to clone the SIM cards of 5,000 victims, among them politicians, ministers, governors, celebrities and high-profile businesspeople.
In Mozambique, an attack caused losses of US$50,000 to a single businessman, while in Brazil there have been losses of up to US$2,500 per violation. However, the real impact of this fraud in Latin America, Africa and around the world is difficult to estimate, since most banks do not share these types of statistics publicly.
What to do?
To avoid becoming a victim, Kaspersky Lab offers the following recommendations:
– When possible, users should avoid two-factor authentication via SMS and opt for other methods, such as generating an OTP in a mobile application (such as Google Authenticator) or using a physical token. Unfortunately, some online services do not offer another alternative. In such cases, the user needs to be aware of the risks.
– When a change of SIM is requested, operators must implement an automatic message sent to the number to inform the owner that there has been a request for a change of SIM and that, if it was not authorized, the subscriber should contact the anti-fraud hotline. This action will not prevent hijacking but will alert the subscriber so that they can respond more quickly in case of malicious activity.
– To avoid WhatsApp account hijacking, users must activate two-step authentication using a six-digit PIN on their device, as this adds another layer of security that is not so easy to circumvent.
– Ask WhatsApp to remove your number from the lists of collective caller identification applications, since these can be used by attackers to find your number just by having your name.