Sharon Hussey of Bethesda, Md. got scammed out of $17,000 even though she employed two-factor authentication (2FA) on her phone. With 2FA, before you can open an app, you have to type in a code that is sent via text to your phone. But there are ways that bad actors can get around this and one of those ways is via a technique called SIM swapping. So with this in mind, let’s dive into the unfortunate events that cost Ms. Hussey $17,000.
Once the thief had her SIM card in his phone, he was receiving all codes generated by 2FA
SIM CARD ALERT: Sharon Hussey, who lives in Maryland, lost thousands after someone walked into a Verizon store in California & got a new sim card using her phone number. She breaks it all down. @7NewsDCpic.twitter.com/C8vKJX2wM0
— Scott Taylor : 7 News – WJLA TV (@ScottTaylorTV) January 24, 2024
Alex Quilici, CEO of YouMail, a visual voicemail and Robocall blocking service, explained how SIM swaps work. “The bad guys convince the telephone company that they have the SIM for your phone number and the minute the phone company does the swap they are in control of your number,” said Quilici. “If you’ve been doing two-factor authentication everywhere to your mobile phone number, if someone else gets that mobile phone number they can authenticate as if they are you,” he added.
For three months, Bank of America refused to credit Hussey for the $17,000 that was stolen. Eventually, the bank changed its mind and refunded the $17,000.
Verizon recommends that you do certain things that can stop you from being the victim of a SIM swap
Verizon also has a list of things you can do to prevent being the victim of a SIM swap:
Use strong and unique passwords. Do not use the same passwords for your social media and financial apps. Despite what happened to Sharon, Verizon still recommends enabling two-factor authentication wherever it’s available.
Verizon says that you should be cautious of unsolicited texts, e-mails, and calls. If you detect a sense of urgency and feel that the other party wants you to act immediately, do not respond to the message and delete it.
If you get a message from your carrier saying that your service is being disconnected and you did not request it, call the company from a landline ASAP to determine if the message is legitimate. If you remain alert and cautious, and greet text messages that feel “off” with skepticism, you can give yourself a fighting chance against a SIM swap.