For those who don't know me, I'm a crypto bounty hunter. I have recently noticed an increasing number of SIM swap attacks, primarily in the US. So, I decided to make a post to raise awareness and hopefully help someone avoid losing their funds.
What are SIM swap attacks?
A SIM swap attack occurs when a malicious actor obtains your SIM card details and orchestrates the transfer of this information from your device to theirs. This unauthorized transfer can take place in two primary ways: by physically stealing your phone and removing the SIM card or, more commonly, by remote means.
To execute a remote SIM swap, the malicious actor typically follows one of two approaches: contacting your mobile carrier's customer service or visiting a physical branch of the carrier while impersonating you. They may have acquired your personal information through a prior data breach, or they might have an insider within the carrier's organization who can assist in facilitating the data transfer. Each mobile carrier has distinct protocols for transferring a SIM card to a new device.
Once the attacker successfully convinces a customer support representative at your carrier to carry out the SIM card transfer, they gain control over your phone number. This means that they can intercept all incoming calls and text messages intended for your number. Moreover, they gain access to all the applications installed on your phone, including social media and financial apps.
Why is this relevant in crypto?
More and more people these days use cellphone verification as 2FA on crypto exchanges, meaning the second layer of protection to your account could be compromised easily. Since emails and passwords are leaked in data breaches along with personal information, it basically means you're holding all the eggs in the same basket, something you should avoid at all costs, especially in crypto, where there's no reverting any transactions and could possibly costing your Bitcoin or Ethereum.
How do you protect yourself?
Every major exchange offers 2FA with Google Authenticator. If you currently have any amount of funds in an exchange and you don't have Google Authenticator, I would strongly advise you to activate it. Better be safe than sorry. If you follow this method, you are only vulnerable to the good old wrench attack.
TLTR; Use Google Authenticator if you hold funds on exchanges
As always, Stay Safe and Freak the scammers
EDIT : When using google Authenticator don't login to your google account and turn off the sync feature, thanks u/kryptoNoob69420
[link] [comments]
You can get bonuses upto $100 FREE BONUS when you:
π° Install these recommended apps:
π² SocialGood - 100% Crypto Back on Everyday Shopping
π² xPortal - The DeFi For The Next Billion
π² CryptoTab Browser - Lightweight, fast, and ready to mine!
π° Register on these recommended exchanges:
π‘ Binanceπ‘ Bitfinexπ‘ Bitmartπ‘ Bittrexπ‘ Bitget
π‘ CoinExπ‘ Crypto.comπ‘ Gate.ioπ‘ Huobiπ‘ Kucoin.
Comments