According to the Daly City Police Department, the 48-year-old resident may have fallen victim to a scam.
He told the police he received a text message initially saying there were attempts to change the password to his T-Mobile account. This is a common tactic when someone maliciously takes over your phone number.
The victim called what he thought was the T-Mobile number and was told there were attempts to change his password and code to his account. Addiitonally, the “agent” claimed that T-Mobile was able to freeze the account.
He said he then received a new passcode to an old email address he used for a Bitcoin account he had.
The victim told police he believed the email account might have been hacked.
A short time later, he received a call from a blocked number and was told the caller worked for a firm called Ledger that dealt with his Bitcoin account, and the account had been hacked.
The victim then checked his Bitcoin account and learned all of the funds were gone.
He said approximately $27,000 in the Bitcoin account was stolen.
It is a bit of a messy explanation, but one that rings a bell for many people.
What could have happened?
SIM swapping is not a new scamming technique. It involves scammers persuading mobile network companies to reassign phone numbers from one SIM to one held by the scammer. Once a scammer gets control of the number, he can reactivate accounts, impersonate, and even bypass two-step verification checks to reset the victim’s password. Doing so grants the culprits access to other people’s accounts.
In the 48-year-old Daly City resident’s case, his sim was cloned by scammers who gained access to his email addresses and crypto exchange account.
Staying safe from sim swapping scams
Scammers continue to up their game when it comes to tricking and manipulating victims to play their make-believe game efficiently.
One easy way of avoiding sim swap attacks successfully is to use third-party authentication applications like Google Authenticator or Authy. It helps generate unique code to gain access to online accounts at different times. These codes are not tied to your mobile phone number.
Also, online users should reduce the amount of data shared on their online profiles. Scammers scour social media to source data and convince network carriers they are the rightful account holder.
Unsolicited emails and SMS asking for personal information are also to be avoided. Scammers use the ploy to phish for personal information online.
Notably, networks like AT&T, T-Mobile, and Verizon offer the ability to add a PIN code to a wireless account, providing another layer of security.
In cases where individuals are targeted for sim swapping scams, victims could only do little to stop scammers. However, with utmost caution and simple steps further to verify before giving out any information, sim swapping and phishing scams could be foiled.