How Hackers Secretly Swap SIM Cards

REPLAY VIDEO
Your next video will start in
Pause
  • Info

  • Comments

  • VIDEO TEXT

Oct. 7 (Bloomberg) -- At wireless carriers such as AT&T and South Africa’s Vodacom Group, a new hacking threat has emerged involving the illicit swapping of SIM cards. Jordan Robertson explains on Bloomberg Television's "Bloomberg West." (Source: Bloomberg)

I did not know it was possible.

I did not until i got a call from somebody who was a victim.

Two sisters and atlanta.

A fascinating story.

Three years ago i wrote a story about this internet law in att network where they were trying to log into their facebook account from their mobile phone and was landing and other peoples facebook accounts.

They called us three years ago.

I said this cannot possibly be true.

We confirmed and wrote a great story.

The sisters called me again and said you might want to look into this.

I think hackers are switching sim cards and we were victims.

How are they doing it?

Social engineering.

A lot of work.

They will learn you are in att customer.

They will get your basic information that can be found online.

They will call and pretend to be a customer service rep.

They will save and exchange for this, why don't you complete this satisfaction survey.

At the end, they ask what are the last four digits of your social.

It gives him enough information to call of the wireless company and convince them that they are you and to switch your sim card into their device.

But when the time you discover that and shut off your sim card from they wrapup times of international calls.

It is a pretty big problem.

At&t has said these are organized groups targeting its network.

It's a lot of work but it didn't get 12 or 24 hours of international calls him a that is hundreds of thousands of dollars.

Hackers are using it to intercept banking security messages.

They only need access to your phone for 15 seconds and they can log in and drain your account.

What can carriers do?

One thing vodafone is doing is they are sending text messages to every user that requests a sim card.

Sometimes you are requested a sim change which is a legitimate service because you lost your phone and you can get one.

That is a strong mechanism.

If i get a text saying it did request the change, i can say absolutely not.

At&t does not to do that.

Other services do.

I understand it is hitting a different international markets differently.

How so?

We are seeing international phone scams hitting at&t. several african nations.

Likely the people are making these calls do not know they are using stolen bandwidth.

It is sold into the marketplace is, exchanges.

People by prepaid services and their call is connected.

They do not know.

And south africa, banking fraud.

Hackers get all of your information that the one thing they cannot get it when your bank sends you a security code via text to confirm a change or a large withdrawal.

They are done.

Some security researchers i have spoken with have said if you are asked for a sim card, you have a powerful access into somebody's data.

You can make calls, steal information, copper my accounts.

It is a ton of work but there is pay off.

Jordan roberts, thank you for uncovering it will stop --

This text has been automatically generated. It may not be 100% accurate.

Advertisement

BTV Channel Finder

Channel_finder_loader

ZIP is required for U.S. locations

Bloomberg Television in   change