Spanish police have issued a new alert warning the public about an ongoing SIM swap scam targeting victims across Spain, following a global surge in such attacks that cost victims $48 million in 2023 according to FBI reports. The scam involves criminals obtaining personal details through phishing emails, malware, or social media posts to duplicate victims’ SIM cards and gain unauthorized access to sensitive information.
Several warning signs can indicate a potential SIM swap attack, including unexpected loss of phone signal or service, notifications about SIM activation on another device, and being locked out of online banking or credit card accounts. The pattern matches recent high-profile cases, including a $280,000 theft in Florida where criminals successfully compromised victims’ mobile accounts to access financial services.
Recent victim accounts have revealed how attackers can execute SIM swaps online by transferring phone numbers to prepaid devices under their control. The technique allows criminals to intercept communications and potentially access financial accounts and other sensitive services tied to the phone number. The threat has become so significant that countries like India have implemented widespread blocking of suspicious SIM cards as part of national cybersecurity initiatives.
Security experts recommend several protective measures against SIM swap attacks. These include immediately contacting mobile providers if phone service is unexpectedly lost, enabling two-factor authentication through authenticator apps rather than SMS, keeping social media profiles private, and regularly updating account recovery options. The FBI and CISA specifically recommend phishing-resistant authentication methods over traditional SMS-based verification.
Additional recommended security protocols include avoiding suspicious links and email attachments, using strong unique passwords, refraining from entering sensitive information on public Wi-Fi networks, and maintaining regular monitoring of email and bank accounts for unusual activity.
Mobile carriers are implementing enhanced security measures, including multi-layer authentication protocols for eSIM activation that require robust identity verification. Companies like SEALSQ are advancing eSIM security through GSMA-accredited post-quantum technology, while European authorities are developing comprehensive cybersecurity certification schemes for digital identity systems. Regular device security updates are also crucial for maintaining protection against vulnerabilities that could enable SIM swap attacks.
Sources: Euro Weekly News, CyberDaily, KTVZ, Embroker, eSIM Card
Follow Us