If someone managed to steal your SIM card, they might act like it’s you. That means it could call on your behalf, send SMS, receive those messages that may even contain security codes. Therefore, it is an important problem that should be avoided. It is essential to correct possible vulnerabilities.
Methods to steal a SIM
Just as they could steal an email account, social network or any platform, they could have access to a stolen SIM card. It is not easy, as you will see, but there are several alternatives that cybercriminals can have. Knowing how they act is essential to maintain security.
card exchange
We can say that this problem is relatively common in certain countries. In Spain, thanks to the security measures When it comes to changing operators, it is very strange that it can happen. Of course, it is good to know how it works so as not to have problems of this type in the future.
Basically, what the attacker does is call the operator to order a replacement SIM card. It is going to impersonate our identity, so it has previously had to obtain certain information such as our name, ID, the company we have contracted, etc. If it succeeds, the mobile operator will send a new SIM card that the hacker will control.
From then on, I could start use phone number on your device as if you were the victim. You will receive 2FA codes, calls, etc. It uses social engineering and we really depend on our carrier not to fall for it and send a SIM. However, you can increase security by avoiding giving out too much information on the Internet.
simjacker
In this case, what hackers do is take advantage of a vulnerability. This attack, which is quite complex, makes it possible to hack the SIM card. It is what is known as Simjacker or SIM card theft. They will send a code via SMS. Actually what they send is spyware.
Once the victim has opened that message and they have managed exploit vulnerability, they could spy on calls, messages, track the location… Through software that is part of the operation of the SIM card, they can exploit that flaw and take control of the card. Specifically, the software is a simple browser that comes with the card.
Nowadays it is very unlikely that this problem will really affect. The main reason is that it is normal for us to use browsers such as Google Chrome, Mozilla Firefox and other similar ones. This greatly limits the likelihood that an attacker will be able to exploit this vulnerability.
SIM cloning
This is the most complicated of all and it is also very unlikely to happen. This time, attackers are going to need to have physical access to the SIM card. What could happen? For example, it can happen that your mobile phone breaks down and you take it to an unreliable store to fix it and they clone your card.
What the hacker does is copy the unique identification number of the card, in the new one that he is going to have. From there, he can impersonate our identity and act as if it were us. It is important to prevent someone you do not trust from having physical access to the card. Once again, in Spain this type of attack is very rare.
As you can see, there are basically three methods by which they can steal your SIM card. They are unlikely, but it is convenient to know them so as not to have problems. In case they manage to exploit these flaws, they could have access to all your SMS, calls, etc. Protect yourself and avoid making mistakes.
