The Federal Communications Fee (FCC) has revealed new guidelines to protect customers from criminals who hijack their cellphone numbers in SIM swapping assaults and port-out fraud.
FCC’s Privateness and Information Safety Job Drive launched the brand new rules in July. They’re geared towards thwarting scammers who search to entry private information and data by swapping SIM playing cards or transferring cellphone numbers to completely different carriers with out acquiring bodily management of their targets’ gadgets.
In SIM swapping assaults, criminals trick a sufferer’s wi-fi service into redirecting their service to a tool managed by the fraudster. Conversely, in port-out fraud or cell quantity porting fraud, scammers switch the sufferer’s cellphone quantity from one service supplier to a different with out the proprietor’s authorization.
They each trigger vital monetary losses, identification theft, and misery for the sufferer, as they result in unauthorized entry to non-public accounts and delicate info.
“These scams – SIM swap and port-out fraud – do not simply put wi-fi account entry and particulars in danger,” stated Commissioner Geoffrey Starks.
“As a result of we so steadily use our cellphone numbers for two-factor authentication, a nasty actor who takes management of a cellphone can even take management of economic accounts, social media accounts, the checklist goes on.”
Safe auth earlier than porting numbers and prompt alerts
The FCC’s up to date guidelines regarding Buyer Proprietary Community Info (CPNI) and Native Quantity Portability now mandate that wi-fi service suppliers implement safe authentication procedures earlier than transferring a buyer’s cellphone quantity to a distinct gadget or supplier.
Below the brand new rules, wi-fi corporations should additionally promptly alert clients each time a SIM change or port-out request happens on their accounts. Moreover, they have to take further precautions to protect clients from SIM swapping and port-out makes an attempt.
“We require wi-fi carriers to offer subscribers extra management over their accounts and supply discover to customers each time there’s a SIM switch request, in an effort to shield towards fraudulent requests made by unhealthy actors,” stated Chairwoman Jessica Rosenworcel.
“We additionally revise our buyer proprietary community info and native quantity portability guidelines to make it tougher for rip-off artists to make requests that get them entry to your delicate subscriber info.”
FCC’s transfer is available in response to an ever-increasing wave of shopper complaints about vital misery and monetary hurt ensuing from SIM hijacking assaults and port-out fraud.
In February 2022, the FBI was already warning that criminals have been escalating SIM swap assaults to steal thousands and thousands by hijacking unsuspecting victims’ cellphone numbers.
The FBI Web Crime Criticism Heart (IC3) obtained 2,026 SIM-swapping complaints with adjusted losses of $72,652,571 final 12 months. In distinction, 320 complaints reporting SIM swapping incidents with losses of $12 million have been filed between January 2018 and December 2020, whereas IC3 obtained 1,611 such complaints with adjusted losses of over $68 million in 2021 alone.
FBI’s alert got here on the heels of an FCC announcement that it began engaged on new laws in response to surging SIM-swapping assaults.