(405) 919-9901

Scams and Identity Theft, Part Two: phone hijacking

by Dave Moore, 3-1-2020

Last week, we looked at how a local couple struggling with identity theft scams was robbed by crooks using an Internet-based banking tool called Zelle. This week, we’ll look at another way the Internet bad guys ripped them off: cell phone hijacking.

Cell phone number hijacking, porting and SIM card swapping scams all have one goal: to take control of your phone number away from you and give it to a criminal. With control of your phone number, they can run all sorts of scams to masquerade as you, enabling them to drain bank accounts, take out phony loans and home mortgages, buy cars, wipe out retirement investment accounts, and go on expensive shopping sprees using bogus credit cards.

Cell phone scams are most effective when the crook gathers as much personal information on their victim as possible: name, address, phone number, date of birth, name of bank, SSN, etc. This is not difficult. Much of this information is for sale on underground websites, or can be gathered through simple stalking, dumpster-diving and Internet searching.

Cell phone “hijacking” works something like this:

  1. Crook visits the phone store (AT&T, T-Mobile, etc.), uses a fake ID, and claims to be you (the “Victim”). Phone store employees are not experts at spotting fake IDs, so the quality of the fake can actually be quite low.
  2. Crook “upgrades” the Victim’s account to new, expensive phones and has the Victim’s phone number(s) transferred to the new phones.
  3. Victim loses service on their own phones. Victim’s phones suddenly become “Emergency Calls Only” 9-1-1 phones, or have no service at all, and the Victim is stuck with the bill for the new phones. Crook uses the new phones for further scams.

Note that, when you hear the word “carrier” used in discussions about cell phones, it is referring to a licensed company that provides cell phone service. Sometimes referred to as “providers,” companies like AT&T, Verizon, T-Mobile and Sprint are (as of today) the four major licensed mobile cell phone “carriers” in the United States.

They are “licensed” in that they pay the U.S. government for a radio spectrum license to operate on certain radio frequencies inside the United States, and have built massive infrastructures to make it all work. Other phone companies, such as Consumer Cellular, Straight Talk, Virgin, Boost and TracFone, are not carriers, but are mobile virtual network operators (MVNO) which partner with and piggy-back off of the networks owned by the major carriers.

If you change from one phone company to another, you are allowed by law to do “number porting,” and take your existing phone number with you to the new company.Unfortunately, Internet crooks have concocted numerous cell phone number porting scams, such as:

  1. Crook, claiming to be his Victim, contacts Victim’s carrier and says they are moving to a different carrier, possibly claiming the phone was stolen, and wants the phone number moved to a different device and a different carrier. Crook may also use stolen weak passwords or PIN numbers to make this work.
  2. Sometimes, Crook will purchase a new phone, charging it to Victim’s account, in an attempt to distract the carrier’s employee into ignoring some of their normal authentication procedures. This tactic is often successful, as minimum-wage employee often gets a commission on phone sales. Outright bribery can also be successful.
  3. Same as Hijacking above, Victim loses phone service, and is stuck with bill for things they never authorized.
  4. As with other scams, Crook is able to take over other accounts using password resets that use texting as a form of multi-factor security.

Another variety of phone hijacking is called SIM card swapping, and works as follows:

  1. Crook, claiming to be Victim, calls carrier and says phone has been lost or damaged. They request carrier activate new SIM card with Victim’s phone number, using phone owned by Crook. They may already have the necessary personal information, or a fake ID, to complete the swap. Trickery or outright bribery of the carrier’s employee is often successful, too.
  2. Rest of scam proceeds as described above with the other scams.

The best way to protect again phone hijacking/porting/SIM scams is by contacting your phone provider and telling them you want extra security and protection. Methods vary between carriers, but you should be able to set up a PIN or passcode that must be provided before any major changes to your service are allowed.

Next week, Part Three: how to prevent Identity theft.

Dave Moore has been fixing computers in Oklahoma since 1984. Founder of the non-profit Internet Safety Group Ltd., he also teaches Internet safety community training workshops. He can be reached at 405-919-9901 or www.internetsafetygroup.com