Skip to content

The FCC aims to stop SIM swappers with new rules


The Federal Communications Commission (FCC) has introduced a new set of rules it says will “protect consumers against scams that aim to commandeer their cell phone accounts,” it announced on Tuesday. FCC Chair Jessica Rosenworcel says the new rules will maintain citizens’ “well-established freedom to pick their preferred device and provider.”

Under the proposed regulations, wireless providers would be required “to adopt secure methods of authenticating a customer” when they swap SIM cards to a new device or port their phone number over to another carrier. They would also have to notify customers when a SIM change or port-out request is initiated and do other things to protect customers from phone hijacking fraud.

SIM card swapping is a real problem that happens when a baddie convinces a cell carrier to transfer service to another device the attacker controls. Amazingly, someone managed to do this in 2019 to gain control of then-Twitter CEO Jack Dorsey’s Twitter account. Often, the deed is done to demand ransom money or cryptocurrency from their victims.

It also gives attackers potential access to their victims’ information, as they would then be able to access online accounts that are secured with SMS verification codes rather than other superior authentication methods.

Similarly, port-out fraud is the unauthorized transfer of your phone number to a different carrier and device altogether — which happened to thousands of TracFone customers early last year.

Most carriers have steps in place to stop or at least hinder these kinds of fraud. In March last year, T-Mobile joined AT&T and Verizon in offering PIN numbers to secure customers’ wireless service accounts. Also, the FCC supports phones offering eSIMs, which it says can offer additional protection against SIM swapping, so that’s an option — if you can stomach the potential headaches.


Source link