NPR’s Michel Martin talks to Eva Velasquez, President and CEO of the Identity Theft Resource Center, about the growing threat of SIM swapping.
MICHEL MARTIN, HOST:
If you’re one of the millions of people using your smartphone to pay your bills, send money to family and just do some banking, listen up. This month, the FBI issued a warning about the rise in a type of mobile phone scam called SIM swapping, saying it cost consumers more than $68 million in losses just last year. And according to the FBI’s figures, it’s 15 times more likely to happen to you today than it was just a couple of years ago.
So what is SIM swapping, and how can you protect yourself? We called Eva Velasquez for help with this. She is the president and chief executive officer at the Identity Theft Resource Center. That’s a non-profit whose goal is to help consumers reduce their risk of falling victim to identity theft. And she’s with us now. Eva Velasquez, thanks so much for joining us.
EVA VELASQUEZ: I’m so happy to be here, and I’m glad we’re covering this really important topic.
MARTIN: Well, first of all, could you just explain just what is it? I mean, how are scammers stealing our information from the SIM cards in our smartphones?
MARTIN: Well, it is somewhat complex. And just to level set here, your SIM card is that tiny little microchip in your phone and it tells your phone what number it responds to. And there’s lots of information in it, but it’s transferable to another phone, and that’s how you can upgrade or buy another phone if yours is damaged and still keep your phone number, your photos, you know, your music. But much like phone number porting, SIM porting is – it’s really easy to do if someone other than you can convince a cellular employee to help them do it.
MARTIN: So this is a scam directed at employees of mobile carrier companies? Or is this a conspiracy in which they’re involved?
VELASQUEZ: Well, you know, it could be both. We often don’t know if it is an insider threat where an employee is involved, but sometimes it’s just an employee trying to provide good customer service and they’re being socially engineered. So we tend to look at the employees more as an instrument of the scam rather than the perpetrators.
MARTIN: So the FBI says these SIM swap scammers netted more than $68 million in 2021, which was up from just about $4 million in 2020. How did this get to be so successful and how did they get all that money? Like what did they do?
VELASQUEZ: Well, if we step back and just look at the entire fraud landscape and ecosystem, people should understand that we have had unprecedented rates of fraud across the board in all of our systems, basically, since the pandemic started. There were just a lot of new opportunities. There was a lot more money in our systems and a lot more vulnerabilities were exposed. So it doesn’t surprise me at all that we saw a dramatic rise in this type of fraud because frankly, we saw a dramatic rise in all types of fraud, particularly identity crimes, over the last two years, and we’re going to continue to see this sort of new baseline. It hasn’t gone down.
A lot of folks think that, OK, the pandemic is, I won’t say over, but we’re coming to the end of it and so the fraud has waned. And while we aren’t at the peak numbers that we were seeing in 2020 and 2021, we have a new very high baseline and there’s going to be a very long tail on this fraud. Unfortunately, consumers are the ones that are going to have to deal with this at the end of the day.
MARTIN: How do you deal with this? And I think first, since you’ve identified employees of mobile carrier companies as being kind of the – forgive me for using this language – the weak link here. How are the wireless carriers doing anything to address this? And then of course, I’m going to ask you, is there anything that consumers can do themselves?
VELASQUEZ: Well, the reality is, of course, the wireless carriers are implementing processes, just like many of our institutions are implementing additional anti-fraud processes. They don’t want to be losing these dollars and they don’t want unhappy customers, either. I mean, that goes without saying. But the particularly insidious part of the SIM swapping threat is that it’s – there’s little that an individual can do proactively on that – for that particular issue. It’s about detection and it’s about acting very quickly.
So we really encourage people, if anything appears to be amiss and their phone stops working, sometimes people won’t notice right away because they’re at home and their phone is connected to their Wi-Fi network, and they don’t realize that they don’t have that access to that cellular account until they’re no longer connected to Wi-Fi. But we do encourage people, if you see any strange activity to take it seriously. And frankly, this goes across the board. You know, it doesn’t matter if it’s a weird charge on your credit card statement, a notification from a company that you do business with, any of those indicators, please follow up immediately because it may be indicative of a bigger problem.
MARTIN: And how do you follow up?
VELASQUEZ: You will have to follow up directly with your mobile carrier. And where that creates a challenge is, often people cannot get back into their account, so sometimes they cannot do this digitally. They actually will have to go into a store front and have that conversation.
MARTIN: That was Eva Velasquez, president and CEO of the Identity Theft Resource Center. That’s a nonprofit whose goal is to help consumers reduce their risk of falling victim to identity theft. Eva Velasquez, thanks so much for joining us and sharing this expertise with us.
(SOUNDBITE OF MUSIC)
VELASQUEZ: Oh, I’m happy to be here and stay safe out there.
NPR transcripts are created on a rush deadline by an NPR contractor. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.