New SIM-swap hacks highlight carriers’ wobbly security
Several new studies have found that hackers can convince wireless carriers’ customer service agents to port legitimate phone numbers to bogus accounts — a practice that can then open that account up to fraud and theft.
Researchers at Princeton University called three of the four major carriers and tried to convince customer service representatives to move phone numbers to new SIM cards. Verizon, AT&T and T-Mobile each received ten calls from the researchers, who posed as customers.
Astoundingly, in all 30 cases the fake customers successfully convinced the carriers to move the numbers to new SIM cards.
When the carriers tried to authenticate the customers by texting personal identification numbers (PINs), the “customers” acted confused and gave the wrong PINs, because of course they had not received the texts. The carriers then asked for other forms of authentication, such as the most recently called numbers and the most recent payments. The researchers had done their homework and in most cases were able to answer these questions correctly.
How can researchers (and hackers) get access to a victim’s call history and payment history? By manipulating it. They can text multiple people fake offers that seem too good to refuse, until one person calls back. Now they have a recently called number. If the call happens to be from a prepaid account, the hacker has hit the jackpot because they can go to a convenience store, buy a refill card for a few dollars and then use it to refill that victim’s account. Now the hacker has payment history. The next step is to call the carrier and request a SIM swap.
To read the full version of this article, visit Light Reading.