Worried about the security of your SIM card or the smartphone in general? You should be – not everyone has good intentions. In fact, many don’t, and won’t refrain from trying to spy, steal, blackmail, or trick their way into gaining something from you. In most cases, that’s either money or information that can hurt you or others. Luckily, they won’t be able to do this, at least not easily, if you remain vigilant and document changes. But how do you spot them in the first place? Here are 8 signs your SIM card is hacked. Recognized some? It’s time to learn how to protect your SIM card from hackers.
Tip: The first 6 solutions are general tips to follow. The last 5 are practical tips that can are done once, and revisited when necessary.
1. Guard the phone to protect SIM card from hackers
By this, we mean protecting the smartphone and the SIM card physically. Don’t leave it out of your sight, in public or at home, and don’t let strangers use it. As proof, we demonstrated how easy, cheap, and quick it is to clone a SIM card. Long story short, those with practice and equipment can do it in about 5 minutes. This is even faster nowadays since there’s no need to take the battery out before they remove a SIM card.
2. Be wary of fraud
If you read our indicators of hacking, you noticed many methods rely on your naivety, empathy, or not being informed enough. Ideally, you should stay up to date with popular schemes for phishing, hacking, or scamming. Of course, that takes time and energy, and such schemes change regularly to avoid becoming well-known. For that reason, here are a few ways to prevent your SIM card from being abused:
1. Use common sense and a healthy dose of doubt
Culprits usually impersonate social media, certain websites or businesses, and even your carrier or bank. Some even offer to give you a money refund, only to end up selling the data they collect from you. Another popular scheme that requires your phone number is tied to two-factor authentication. Fraudsters will find an excuse for you to give them the 6-digit code sent to your phone number. If you do it, they can reset passwords and e-mail, and take complete control over various accounts, including those for online banks.
2. Do a quick online search for details
First, do a quick search of the phone number calling you. There’s a host of websites that collect numbers connected to suspicious activities. Another method you can utilize is to simply research the situation you’re in. Many victims of romance or compassion scams could have avoided this with a Google search for keywords.
3. Don’t open suspicious links or messages
Don’t click on suspicious links, and always verify you’re on the right site before logging in. As for messages, we mean e-mail, SMS, MMS, or those on social media. Many exploits inject malicious code after users tap or click to open the message.
3. Refrain from oversharing
Most people share too much information. They think it’s harmless, but in reality, it makes them vulnerable. Furthermore, companies retain plenty of data during account registration. Such data can often become a part of privacy breaches and data leaks. Even worse, hackers can start with one bit of information, and use it to search various public databases. Then, they can easily find your social media accounts, real name, address, older phone numbers, etc. If your account is connected to others, hackers can cross-reference it, and the number of victims increases. This is a common method for SIM card swapping since it uses social engineering and you don’t need to fall for anything.
4. Avoid public Wi-Fi networks
Finding and connecting to a public Wi-Fi network is great. After all, everyone likes free Internet. But before you do, think about the network’s owner. You do not know who it is, and what their intentions are. Sometimes they pretend to be an establishment nearby and use a similar or exact network name. Even if it is the correct public wireless network, other users can see your browsing history and personal information. Additionally, they can utilize certain exploits and wreak even more havoc. If you must use public Wi-Fi, invest in a VPN (Virtual Private Network) for your smartphone.
5. Don’t charge your phone in public places
Hackers steal people’s credit card information by setting up fake card readers. The same is true with public chargers in various establishments such as cafes, restaurants, libraries, or camping grounds. Hackers can use a modified power adapter or a USB cable to infect your device and steal your data. This is known as a “juice jacking” method. If you have to, carry your own charger and cable, or a power bank.
6. Don’t jailbreak/root your phone
There are many benefits to having full control of your smartphone. The trouble is, so can hackers, at which point the amount of damage they can do to your smartphone and SIM card is limitless.
7. Use your carrier to protect your SIM card from hackers
Many carriers can make it so that you have to show up in person with a valid ID before account changes are approved. This is powerful protection again SIM card swapping. Besides the call center, you can also set a PIN for user accounts on the carrier’s websites like this:
Here’s how to set up a user account PIN for AT&T:
- Go to myAT&T.
- Sign in to your account, then view your profile.
- Click/tap on Sign-in Info.
- Tap/click on Wireless Passcode.
- Select Manage Extra Security.
- Enter a PIN.
To add a PIN to a Verizon account online like this:
- Go to Verizon’s My Account page and sign in.
- Switch over to the Security tab and add one.
Setting up a T-Mobile passcode works like this:
- Sign in to My T-Mobile.
- You’ll get a prompt immediately if you never set up one.
- Select a method, Security questions, or Text message. We recommend the latter.
- Click/tap Next.
- Follow on-screen instructions, then set up your 6-15 number PIN/Passcode.
Sprint will also show you a prompt to set up a 6-10 number PIN as soon as you register an account or sign in to My Sprint.
8. Lock the SIM card
Here’s an article we dedicated to locking the SIM card on Android, iOS, and iPadOS. Feel free to change the PIN from time to time, or use additional methods such as face recognition or fingerprint scanning. Additionally, we recommend disabling the “smart locking” features that keep the phone unlocked in familiar locations. If the hackers are nearby, there are no obstacles in their path.
Should I encrypt my smartphone?
You can encrypt the entire storage and/or the microSD card. We can cover this in a separate article, but for the majority of users, it’s unnecessary. Another downside is that you can’t use an encrypted microSD card with other devices. A better alternative is to install a third-party app and create an encrypted folder. Then, simply transfer the files you want to protect to it.
9. Change your two-factor authentication method
Using an SMS two-factor authentication method is better than nothing, but can be useless if you become a victim of SIM card swapping. We recommend switching to an app-based method such as Google Authenticator. Or, for even stronger security, purchase a device that fits on your keychain. You can then plug it into the USB port of your computer or smartphone via a mini USB/USB-C to USB adapter when identity needs to be verified.
10. Set up two-factor authentication to a second phone number
This is a safeguard that involves generating a Google Voice phone number different than your own, then setting up SMS two-factor authentication to it. It’s free, supports up to 6 numbers, and can really piss of hackers who think they’ve managed to break your primary 2FA. Here’s how to set up a Google Voice phone number other than your own:
- Download, install and run the Google Voice for Android or Google Voice iOS app.
- Sign in to your Google account.
- Accept the Terms of Service, then tap Continue.
- Tap on Search.
- Use an area code, and tap on Select when you find a free number.
- Enter your existing phone number and verify it with a 6-digit code.
- You’ll be taken to the Google Voice Dashboard.
- Tap on Settings in the top right corner.
- Go to Account.
- Under Linked numbers, you’ll see your existing phone number.
- Tap on X next to it, then Remove.
- Now your Google Voice number is the only one remaining, and hackers can’t use call and text forwarding to it.
- Tip. If Google doesn’t allow you to remove it, add another Google Voice number from Settings > Account > Linked numbers > New linked number before trying again.
11. Enable Find My Phone to protect SIM card from hackers
Find My Phone is a feature that allows you to block access to your phone remotely. Additionally, you can locate the perpetrator if the smartphone or SIM card gets stolen. Best of all, it doesn’t take a lot of effort. Follow the steps in method 3 of our guide to blocking a SIM card.