Wireless customers at AT&T (NYSE:T) are falling victim to an elaborate scam in which hackers impersonate representatives from the wireless company in order to get personal information that allows them to hijack a customer’s SIM card and make expensive international calls as well as gain access to credit card and banking information, according to a report from Bloomberg.
SIM cards are the chips that authenticate a particular user on a wireless network. Hackers only need to get a few pieces of personal information, including the last four digits of a Social Security number, in order to gain access to a person’s account. They then call the wireless provider and have the SIM card switched to a new device, which allows the hacker to make calls that are billed to the victim’s account. Hackers gain the trust of the customers by learning their names and addresses before making the phone call in order to better masquerade as representatives of the wireless carrier.
According to data from the Communications Fraud Control Association cited by Bloomberg, the telecom industry stands to lose $46.3 billion to fraud in 2013. The CFCA says that account-takeovers like the SIM card switching scam are the most common type of fraud in the wireless industry. The trouble wireless companies have is distinguishing between a real SIM card switch, which is a common practice performed when users switch devices and can be done over the phone, and when a hacker is performing the switch rather than the actual customer.