Six ways to mitigate SIM Swap Frauds

At the most niche level, a SIM card swap is when someone, usually a fraudster convinces your carrier
to switch your phone number to a SIM they own. These are not done for the meagre purpose of
pranks or just to make a couple of long distance calls. Through the diversion that they have created,
they try to get hold of your two-step verification through which they might have access to your most
sensitive accounts. Ways to mitigate such swaps would be-

1. Adding a PIN- major carriers in the US offer you an option of attaching a passcode or a PIN
to your account. This passcode would add an extra level of protection and would create an
additional barrier that a fraudster might have to cross in order to get access to your
account. Carriers like Verizon and AT&T have the provision to set up a code that is around
four to eight digits long. This passcode helps to manage your account online or in a retail
store.
2. Use a better two factor authentication- a regular two-step authentication won’t work when
a SIM swap hits... so what will? Maybe a better one. There are apps like Google
Authenticator which not only provides a two steps SMS based authentication but they also
tie this to your physical device rather than just attaching it to the number the phone
company gave it to you. They show you a six-digit code which updates every 30-seconds or
so and stays in sync with whatever service you connect to.
3. Extra Measures – with the digital era on the boom, it has become really necessary to
connect your mobile number to your bank account. Disentangling yourself from the digits is
hard but what you can do is keep the numbers attached to sensitive bank accounts or your
bitcoin private and don’t share that number with your friends.
4. Dig deeper into the mobile settings- unlike twitter it’s not possible in Instagram to turn off
two-factor verification and remove your mobile number. What you can do in Instagram is
change your number to a VoIP or Google voice number. Also, one must make sure that their
phone numbers are not mentioned on social networking sites, especially Facebook. You can
do the same for your e-commerce accounts.
5. Use of FIDO Keys- using of FIDO keys helps you protect your account in a more reliable and
hard -to- bypass sort of way. One such key is the Yubikey, these keys are USB devices that
you can link to your account. So, every time a user wants to access your account, he must
have that FIDO key inserted into the computer. These keys are highly secure as long as you
do not lose them
6. Checking bank account statements- make sure you check your bank account statements
from time to time and understand the transactions that you’ve made from time to time.
Never bookmark the official website of your bank, type in the address each time you want
to log in, since there are malwares that tamper with the bookmarks and may redirect you to
phishing websites.