SIM cloning is a practice where a malicious user makes a copy of your phone’s SIM card, which puts any SIM-based authentication you use at risk of compromise. If you notice it quickly enough, you can minimize the damage.
What Is SIM Cloning, and Why Does it Happen?
A SIM card is essentially a security measure to prove that you’re entitled to access a cellular network. Your phone number is associated with a particular SIM, and the SIM also has its own unique identification number, registered with the service provider.
When a SIM card is “cloned” it means one of two things. Either two identical cards now exist on the same network, or the original card has been blocked and the number associated with that card has been moved to a new SIM in the possession of a malicious actor.
While there are tools out there that can make a copy of a SIM card, they need the original card to be present. So an attacker would have to steal your card in the first place. This isn’t very practical, so the most common method is to impersonate you and get the phone company to do a SIM swap.
This is a hacking technique known as social engineering and it targets the part of a security system that tends to be the weakest link: humans! Sometimes SIM card cloning is done through collusion with an insider at the phone company, in which case the SIM card you have may not be blocked, making it harder to detect that you’ve been hacked.
Warning Signs of SIM Cloning
SIM cloning is a relative rarity, but it’s definitely something everyone who uses a SIM card should be aware of. So, how would you even know that your card has been cloned?
1. You Suddenly Stop Receiving Texts and Calls (And Can’t Make Them)
If the attacker has initiated a SIM swap by impersonating you, then the SIM in your phone will be blocked. You may see a message that you have no connection or that your phone is “not authorized” or something to that effect. You won’t be able to make or receive calls or messages. If this happens to you, it’s a good idea to immediately phone your provider (from another phone obviously) and ask if a SIM swap has been initiated.
2. You Get 2FA Messages You Didn’t Request
In some cases where hackers manage to clone a card without blocking your original card, both your handset and the cloned handset may receive copies of the same messages. If you start getting messages with password reset codes or other two-factor authentication (2FA) information you didn’t ask for, it’s worth hopping on the phone with your provider to make sure your SIM is safe.
3. Your Phone Bill Has Unknown Activity
Sometimes hackers who clone SIM cards are not looking to defraud you directly, but to use your number as a way to defraud other people. They can commit crimes or impersonate you for various fraud scams by having control of your phone number.
So it’s worth going over your phone records every month just to make sure that calls aren’t happening on your number that you didn’t make!
How to Prevent SIM Cloning
While rare, becoming the victim of SIM cloning can be devastating. It’s not really possible to prevent cloning when it’s done as part of collusion with employees of a phone company. However, in most cases, the phone company itself is a victim of hackers impersonating you. The phone company will ask a caller a number of personal information questions to verify that they are the correct individual.
The key thing here is that this only happens when you phone the company. If someone claiming to be from your phone company calls you and then asks for this information, it’s almost certainly an attempt by someone to steal that info, specifically so they can turn around and pretend to be you to the phone company. So if you get such a call, never give out any of that sensitive information!
It’s better to deal with one of the main reasons cloning happens in the first place. If you’re using any sort of SMS-based, SIM-linked two-factor authentication service, consider changing it to another type of security factor. SMS-based two-factor authentication is weak compared to the alternatives.
The best option is to use an authenticator application that’s tied to your specific handset. Google’s Authenticator is widely compatible, although some companies use their own in-house authenticator technology.
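To show why an authenticator app does not depend on your phone number, here is an added example (not from the original article) of the time-based one-time password scheme from RFC 6238 that such apps commonly implement. The function names are this example's own, and the secret is the published RFC test key, not a real account secret.

```python
import base64
import hashlib
import hmac
import struct
import time

# Published RFC 6238 / RFC 4226 test key ("12345678901234567890"), base32-encoded
# the way an enrollment QR code would carry it. Sample value, not a real secret.
RFC_TEST_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def totp(secret_b32, at=None, step=30, digits=6):
    """Return the code for the time step containing `at` (seconds since epoch)."""
    padded = secret_b32.upper() + "=" * (-len(secret_b32) % 8)
    key = base64.b32decode(padded)
    now = time.time() if at is None else at
    counter = int(now // step)
    # HMAC-SHA1 over the 8-byte big-endian counter, keyed with the shared secret.
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    # Dynamic truncation: the low nibble of the last byte picks a 4-byte window.
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret_b32, submitted, at=None, step=30, digits=6, window=1):
    """Server-side check that tolerates `window` steps of clock drift."""
    now = time.time() if at is None else at
    ok = False
    for drift in range(-window, window + 1):
        expected = totp(secret_b32, now + drift * step, step, digits)
        # Constant-time comparison, and no early exit on a match.
        ok |= hmac.compare_digest(expected, submitted)
    return ok


if __name__ == "__main__":
    # The handset and the service both hold the secret; only the clock changes.
    code = totp(RFC_TEST_SECRET)
    print("current code:", code, "accepted:", verify(RFC_TEST_SECRET, code))
```

Nothing in the calculation involves the phone number or the carrier: the code is derived from a secret stored on the handset plus the current time, so moving your number to another SIM does not give the new SIM's holder any codes.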