Can your IT Help Desk automatically detect SIM Swap attacks?

SIM Swap is one of the scammer’s favorite and most powerful attack tools, but do you know what it is or how to detect it? If not, don’t worry as Trusona ATO Protect has built in SIM Swap detection and we’ll explain how it works here. 

Every cell phone needs a SIM – a Subscriber Identity Module. These are typically small plastic chips the size of a fingernail that are inserted into the phone but newer devices have them built in (e-SIMs). SIMs are issued by the phone network and are used to identify the phone subscriber independent of the phone. This allows for flexibility with upgrades, lost and stolen devices etc. 

However, you may be surprised to know that the SIM does not manage the cell phone number – that happens inside the service provider’s network where they keep a database of which cell phone numbers belong to which SIM. This allows the phone company to allow multiple phone numbers per SIM (e.g. a personal and business number) and to allow you to keep the same number if you need to replace the SIM, e.g. if it got damaged or was lost with the phone. 

Scammers take advantage of this by contacting the phone company to impersonate a genuine customer and persuading the provider to issue a new SIM card on the customer’s account. This then gives them total control of the victim’s cell phone service including receiving login security codes via text message. As the phone company deactivates the old SIM, the target can take a while to figure out what’s wrong, all they know is that their cell is not working anymore.  

While phone companies have security measures in place to prevent this, a determined fraudster can often bypass them. In any case any third party – like your business, that uses SIM bases services to authenticate employees, like SMS OTPs or call backs, are ultimately outsourcing their security to the carrier and their employees. 

Increasingly, SIM Swap is being used to get access to internal accounts via the IT Help Desk. Any login reset process or MFA that relies on an OTP or callback is worthless as the criminal is now in complete control of the trusted cell number of an employee.  

So what can you do? 

Trusona’s ATO Protect solution has built in automated SIM Swap detection technology which has access to real time data that says if the SIM has recently been swapped. This SIM Swap status is flagged to the IT Help Desk operative, along with all the other risk signals, indicating the employee’s phone service has been compromised, removing a valuable attack vector from the cyber criminal’s arsenal. 

Eliminate your company’s vulnerability to SIM Swap and other IT Help Desk ATO attack vectors like GenAI Deepfakes today with Trusona’s ATO Protect solution.