Skip to content Skip to footer

How Fraud Took Down AT&T

How Fraud Took Down AT&T

Did you hear about the AT&T incident that happened in early 2024? A port-out cyberattack made a group of sophisticated fraudsters who managed to hijack the phone numbers of dozens of customers with reportedly high net worth. By gaining control of these numbers, the fraudsters intercepted multi-factor authentication codes to access the victims’ financial accounts, primarily focusing on cryptocurrency holdings. Losses are estimated in the millions, and one high-profile victim reported losing nearly $1M by themselves.

What is this sophisticated scheme that can intercept major companies like AT&T?

Port-out fraud, also known as SIM swapping or SIM hijacking, is a sophisticated scam where fraudsters take control of your mobile phone number by transferring it to a different carrier without your consent. This type of fraud has become increasingly prevalent and poses significant cybersecurity risks!

First, fraudsters gather personal information about their target. This can be done through phishing emails, social engineering, data breaches, or even by purchasing information from the dark web.

Once they have enough information, the fraudsters contact the victim’s mobile carrier, posing as the victim. They request a port-out, which is the process of transferring the phone number to a new carrier.

This is when your phone company’s verification practices come into play. If you’ve set up security questions or multi-factor authentication, then your service provider is required to pause and verify who is trying to access your accounts. Unfortunately depending on which MFA you’ve set up, fraudsters can hack your phone for a one-time SMS code or use personal information gleaned from your social profiles to correctly answer security questions.

Once they verify, the carrier transfers the phone number to the new SIM card controlled by the fraudsters. The victim’s phone loses service, and the fraudsters gain full control over your phone number.

With control of your phone number, the hacker can intercept calls and text messages, including those used for multi-factor authentication on your other accounts, including but not limited to financial accounts, email, and social media profiles. That means they can drain bank accounts, make unauthorized purchases, and even apply for loans in your name.

Beyond financial loss, fraudsters can use the stolen information to commit further identity theft, causing long-term damage to the victim’s credit and personal reputation. That kind of mess can take years to clean up!

Fortunately, we are not How can you keep yourself safe from this, and other evolving cyber-threats?

  1. Use Strong Passwords: Ensure that your online accounts, especially those linked to your mobile carrier, have strong, unique passwords.
  2. Enable Two-Factor Authentication: Use MFA for your accounts, but consider using biometric ID or an authentication app rather than one-time codes or links, as these are much more secure.
  3. Be Cautious with Personal Information: Be wary of sharing personal information online or over the phone. Verify the identity of anyone requesting such information.
  4. Set Up a PIN with Your Carrier: Many carriers offer the option to set up a PIN or password that must be provided before any changes can be made to your account.
  5. Monitor Your Accounts: Regularly check your financial accounts for any suspicious activity.

If you suspect you are or might be the victim of port-out fraud, contact your mobile carrier immediately to regain control of your phone number. Then, inform your bank and other financial institutions to secure your accounts, and consider credit monitoring services to ensure your continued security. You may also want to file a report with your local law enforcement, and consider reporting the incident to the Federal Trade Commission (FTC) or the equivalent authority in your country.

Port-out fraud is a serious cybersecurity threat, but by staying vigilant and taking proactive measures, you can significantly reduce your risk of falling victim to this scam.

This is just one of the many cyber-threats leveraged against companies like the one where you work; and they go after employee accounts by contacting staff members like you. Learning what these attacks do, what hackers want, how to recognize the signs help keep your data, and your company’s data, safe online.