Scammers are offering T-Mobile and Verizon employees $300 for each customer phone number they help hijack through SIM swaps, a practice that enables fraudsters to intercept One-Time Passwords (OTPs) and gain access to private bank accounts, crypto wallets, and social media profiles.

The increased frequency and sophistication of SIM swap scams exploit weaknesses in mobile carriers’ account security to hijack personal information, putting customers at risk of identity theft and serious financial and reputational damage. Last month, media reported that fraudsters hijacked the phone lines of an entire family, stealing thousands of dollars and locking them out of their social media and Amazon accounts for months. Earlier this year, hackers posted a false announcement on the SEC’s X profile after gaining access to the Wall Street regulator’s account via a SIM swap.

For customers of major mobile carriers, read on to learn about spotting SIM swap scams, what T-Mobile and Verizon have done in response, and how to protect yourself.

What are SIM swaps?

Definition
A SIM swap scam (or SIM splitting or SIM jacking) involves tricking a mobile carrier into transferring a customer’s phone number to a new SIM card controlled by the scammer. This switch allows the attacker to intercept phone calls, text messages, and access secured services (such as bank, email, and social media accounts) linked to that phone number.

How it works
Attackers often employ social engineering, among other methods, to trick people into divulging information necessary to execute a SIM swap. Or they gather personal information about a potential victim from social media, data breaches, or public databases. With this information, they contact the mobile carrier, impersonate the victim and, claiming a lost or damaged phone, request a SIM change. This method bypasses two-factor authentication and gives scammers access to the victim’s phone number.

T-Mobile and Verizon employees offered $300 per SIM swap

Insider threats
SIM swap threats are heightened by insider threats, whereby cellular carrier employees abuse their access to customer accounts to collude with scammers. T-Mobile and Verizon employees received text messages offering $300 for each successful SIM swap.

Response by T-Mobile and Verizon
Following these reports, T-Mobile issued a statement emphasizing that their systems have not been breached, but did not clarify how scammers obtained their employees’ contact information. They added, “... other wireless providers have reported similar messages.” More recently, T-Mobile has said that they will require customers to confirm a SIM change via SMS or physically at a store.

Verizon has pledged to cooperate with law enforcement agencies, conduct internal investigations, and affirmed their commitment to enhancing cybersecurity.

Frequent data breaches increase risks
T-Mobile and Verizon have had a history of frequent data breaches that could make it easy for scammers to identify and contact the carriers’ employees. Earlier this year, Verizon reported that the sensitive data of half its workforce, around 63,000 employees, had been compromised.

Protecting yourself against SIM swaps

Signs of a SIM swap fraud
Recognizing the signs of a SIM swap is crucial for preventing further damage. Some key indicators are:

• Sudden loss of cellular service: If your phone displays "No Service" or similar messages despite being in a service area, it could be a sign that your SIM has been deactivated and transferred to another device.
• Unexpected requests for authentication: Receiving unsolicited authentication requests or password reset emails indicates that someone may be trying to access your accounts.
• Inability to make calls or send texts: If you cannot make calls or send texts, it's possible that your phone number has been hijacked.

Preventative Strategies
To protect yourself from SIM swaps, consider implementing the following measures:

• Use enhanced security protocols: Add a passcode or other verification methods to your account for extra protection. By doing so, your mobile carrier will need to bring you or potential scammers through multiple layers of security checks before changes to your account can be made.
• Limit sharing of personal information: Be cautious about how much personal information you share online, particularly on social media, as scammers can buy or steal this information to pass security checks.
• Monitor your accounts regularly: Look out for unusual activities in your bank statements and phone bills. Early detection can prevent further loss.
• Use authentication apps: Instead of relying on text messages or SMS for two-factor authentication, use apps like Google Authenticator, which generates codes on your device independent of your SIM card status.
• Switch to a secure mobile provider: By choosing a secure mobile service provider like Cape, you can avoid the risks associated with traditional mobile carriers, which have historically failed to protect their customers’ and employees’ privacy and security.

At Cape, we believe in privacy and security by design

1. We use modern cryptography and authentication protocols instead of more vulnerable usernames and passwords.
2. We ask for minimal personally identifiable information, which hackers seek to be able to impersonate people.
3. We design systems that limit human involvement to reduce human error and man-in-the-middle attacks.
4. We have a robust research team that proactively monitors emerging cyber threats, so we can stay one step ahead.