City worker phone attacked via SIM Swap
Apr 1, 2021 at 3:33 PM
A co-worker of ours, a fellow City employee, found their mobile phone no longer had phone service. When contacted, the mobile phone provider found the number was moved to another phone!
How does that happen?!?
What is a SIM?
A SIM (subscriber identity module) is a little computer chip inside your phone that is unique to you and tells the network where your calls should route. The phone company provides the SIM, and programs their network to identify your phone number with your SIM.
What Happened?
An attacker targeted our co-worker with the intention of taking over the phone number. With the phone number, the attacker can access any computer account that uses the phone as a method of authentication and verification! Additionally, our personal email is often associated with text message backup access, so taking over email follows quickly in these attacks!
The intent in this attack was to steal money from online accounts (bank accounts, digital wallets, etc). Your phone could be an avenue into the City network as well, since we use our phones in MFA (multi-factor authentication) to get into our email and City resources.
This can happen to you!
How can I protect my mobile phone and accounts?
For any City-owned mobile phones, contact BTS immediately by calling 503-823-5199.
To protect your personal phone and accounts, stay aware and cautious.
The Federal Trade Commission has advice to protect from SIM swap attacks: https://www.consumer.ftc.gov/blog/2019/10/sim-swap-scams-how-protect-yourself
Also, talk to your mobile phone provider. They will have specific settings and configurations you can activate to protect you and your family.
If you have questions or want to discuss this further, please open a Cherwell ticket via the BTS Help Portal and it will be routed to the Information Security Team.