The Federal Communications Commission (FCC) of the United States has announced the adoption of new regulations aimed at curbing SIM card swapping fraud, a method widely employed by hackers to access the personal information and passwords of users. This scheme has led to losses amounting to billions of dollars and is a preferred method for many major hacker groups.
Under the new FCC rules, communication operators are now required to employ robust client authentication methods before transferring their numbers to a new device or provider. Additionally, providers must promptly inform consumers whenever a request is made to change or transfer their number in customer accounts and take extra steps to protect against SIM swapping and number portability fraud.
The rules adopted by the FCC update the existing provisions on the protection of Customer Proprietary Network Information (CPNI) and Local Number Portability. The amendments establish a unified security standard for the entire mobile communications industry, granting providers the freedom to choose their methods of protection against fraud.
The FCC has also called upon citizens to share ideas for further strengthening protection against SIM card replacement and number porting fraud. This invitation extends to combating schemes where perpetrators impersonate victims, open accounts with other operators, and then transfer the numbers to them.
According to the FBI, Americans lost over $68 million in 2021 due to SIM card swapping attacks. This figure demonstrates the exponential growth of the threat since 2018 when the FBI began tracking such attacks.