SIM Swapping: A Deep Dive Into One of the Most Significant Cybercrime Threats Today

• In Event: Cybercrime Working Group - Trends in cybercrime 2

Abstract

What would you do if someone took control of your mobile phone number? This is not a hypothetical situation but a reality for SIM card hijacking (or SIM swapping) victims. Criminals have engaged in this cybercrime to gain control of the target’s phone number, bypass two-factor authentication, and gain access to the target’s cryptocurrency wallets, email, social media, banking, and any other accounts that require two-factor authentication. Given that mobile phones are an integral part of professional, personal, financial, and health activities, SIM swapping is one of the most significant cybercrime threats today. Because little is known about SIM swapping and the characteristics of the actors and groups that commit this cybercrime, our study identifies its characteristics. The aims of the research are two-fold: 1) to situate SIM swapping within the broader literature on cybercrime; and 2) to develop a typology of SIM swapping based on an in-depth analysis of cases. This typology identifies the actors involved in this cybercrime, particularly offender demographics and whether offenders committed this cybercrime individually, with another actor, or as a part of a group; the size, structure, and roles of members of any identified groups; and the offenders’ tactics, tools, targets, areas of operation, and modus operandi.

Authors

• Marie-Helen Maras, John Jay College of Criminal Justice, City University of New York, USA

• Emily R Ives, University of Virginia