On Friday afternoon Jack Dorsey’s Twitter account was hacked – later identified as a SIM swap attack. With this type of fraud a hacker either convinces or bribes a carrier employee to switch the number associated with a SIM card to another device, at which point they can intercept any two-factor authentication codes sent by text message.
Clearly everyone, even Twitter’s very own CEO is at risk of SIM swap fraud. And it’s a growing problem. In January this year, the City of London Police’s ActionFraud division showed a 63% rise in victims reporting the crime in 2017 compared to the previous year. So how can it be stopped?
As mobile banking and social media has become the norm, fraud associated with these activities has become prolific. But there is a way to combat the problem: greater collaboration and partnership with telcos. By taking data from telecoms providers and cross-referencing information provided by the user during an interaction or transaction it is possible for them to flag a potentially fraudulent activity and preventing fraudsters from committing account takeover.
Earlier this year Callsign announced a partnership with Three UK to combat this very issue. The Callsign solution provides additional customer ID verification to banks, based on specific fraud risk triggers notified by Three. The combination of Callsign’s ID detection technology with Three UK’s customer insight means that it can help flag when a fraudster could have accessed a genuine mobile subscriber‘s phone number. This can better protect customers from fraudsters who use email or phishing scams to obtain an individual’s personal data deceptively and use it to gain access to their phone number, bank account or social profile.