What is SIM swapping attack?
The hacker tricks mobile carrier into transferring a victim’s phone number to a SIM card under his control. Then he can easily bypass two-factor authentication and get access into the victim’s mobile phone and wallets
One such incident occurred in 2018 by someone named “Joel ortiz” from California he used SIM swapping scheme targeting high-profile of crypto.
Ortiz has successfully orchestrated over $5M worth of cryptocurrency by controlling victim’s phone numbers and using it for accessing their cryptocurrency accounts then he transferred the all funds to his account.
One of Joel ortiz’s Victims was the prominent investor “ Michael Terpin” he was targeted in SIM swapping attack and he was deceived in millions worth of cryptocurrency from his account.
Terpin was known with his crypto investments and in various blockchain projects, he has been stolen in a significant portion of cryptocurrency holding.
Ortiz convinces the mobile carrier to transfer the Terpin phone number to SIM card under Ortiz control this could be achieved in different means of social engineering like impersonating the victim or providing fake information to the mobile carrier customer service and he got access into Terpin mobile phone and effectively bypassed 2FA.
Terpin took legal serious actions against Joel Ortiz, asks for compensating for his loss of crypto. This case brought attention for how dangers SIM swapping is and for mobile carries to take care for preventing such incidents.
SIM swapping attacks are very strong and in Ortiz’s case shows the weak of cryptocurrency holders against SIM attacks so it’s important to implement robust security for protecting your wallet against such threats.
Ortiz’s tactics were involved using social engineering to convince mobile carriers to transfer the mobile numbers of his victims to SIM cards under his control.
Ortiz’s crimes come to the end when the government apprehended him at los angeles international airport. As he planned to flee the country.
In 2019 Ortiz felt guilty for many crimes he has committed and he was sentenced to 10 years in prison.
What should I do to protect my wallet ?
1- Use authenticator apps: you can use authenticator apps like google authenticator or Authy. These apps generate a random code and this is not linked with your phone number you can rely on it instead of SMS-based two-factor authentication (2FA).
2- Mobile carrier: contact your mobile carrier to add PIN to your account. This will provide extra security and makes it difficult for hackers to deceive you.
3- Use hardware wallets: this is the most safe way you can use store your cryptocurrecny, instead of keeping it on an online wallet. It provides an extra layer of security by keeping your private keys offline.
4- Monitor your accounts: regularly monitor your cryptocurrency wallets or bank accounts for any suspicious activity and if you see any unusual activity report it to your financial institusion.
