SIM swap frauds are a popular means for stealing cryptocurrencies.
In a SIM swap, the fraudster contacts another person's cell phone service provider and tells the company that the phone was lost or irretrievably damaged. The the scammer requests the cell service provider to activate a new SIM card for a replacement phone - which the fraudster owns. With the data on the SIM card the fraudster may be able to get access to account information for the victim's accounts at financial institutions. Many victims have relied on two factor authorizations as their security measures but when a SIM card is swapped, the fraudster usually also has access to the text message or email that provides the second identity authenticating factor. The U.S. Federal Trade Commission has provided public warnings.
Customers of U.S.-based cryptocurrency trading platforms that hold their customers' cryptocurrencies in custody have been frequent targets of SIM swaps. Coinbase customers have been frequent targets, at least according to anecdotal evidence.
A SIM card is the subscriber identity module or subscriber identification module. The card is an integrated circuit that securely stores the international mobile subscriber identity number and its related key, which are used to identify and authenticate subscribers on a cell phone carrier's network.
- SIM Swap Scams: How to Protect Yourself. Federal Trade Commission.
- Another Coinbase User Falls Victim to a SIM Swap Attack. The Merkle.