FCC adopts new rules to protect consumers from SIM-swapping attacks

The Federal Communications Commission has revealed new rules to shield consumers from criminals who hijack their phone numbers in SIM swapping attacks and port-out fraud. FCC's Privacy and Data Protection Task Force introduced the new regulations in July. They are geared toward thwarting scammers who seek to access personal data and information by swapping SIM cards or transferring phone numbers to different carriers without obtaining physical control of their targets' devices. In SIM swapping attacks, criminals trick a victim's wireless carrier into redirecting their service to a device controlled by the fraudster. Conversely, in port-out fraud or mobile number porting fraud, scammers transfer the victim's phone number from one service provider to another without the owner's authorization. They both cause significant financial losses, identity theft, and distress for the victim, as they lead to unauthorized access to personal accounts and sensitive information. "These scams - SIM swap and port-out fraud - don't just put wireless account access and details at risk," said Commissioner Geoffrey Starks. "Because we so frequently use our phone numbers for two-factor authentication, a bad actor who takes control of a phone can also take control of financial accounts, social media accounts, the list goes on." The FCC's updated rules concerning Customer Proprietary Network Information and Local Number Portability now mandate that wireless service providers implement secure authentication procedures before transferring a customer's phone number to a different device or provider. Under the new regulations, wireless companies must also promptly alert customers whenever a SIM change or port-out request occurs on their accounts. They must take extra precautions to shield customers from SIM swapping and port-out attempts. "We require wireless carriers to give subscribers more control over their accounts and provide notice to consumers whenever there is a SIM transfer request, in order to protect against fraudulent requests made by bad actors," said Chairwoman Jessica Rosenworcel. "We also revise our customer proprietary network information and local number portability rules to make it harder for scam artists to make requests that get them access to your sensitive subscriber information." FCC's move comes in response to an ever-increasing wave of consumer complaints about significant distress and financial harm resulting from SIM hijacking attacks and port-out fraud. In February 2022, the FBI was already warning that criminals were escalating SIM swap attacks to steal millions by hijacking unsuspecting victims' phone numbers. The FBI Internet Crime Complaint Center received 2,026 SIM-swapping complaints with adjusted losses of $72,652,571 last year. In contrast, 320 complaints reporting SIM swapping incidents with losses of $12 million were filed between January 2018 and December 2020, while IC3 received 1,611 such complaints with adjusted losses of over $68 million in 2021 alone. FBI's alert came on the heels of an FCC announcement that it started working on new legislation in response to surging SIM-swapping attacks. FBI shares tactics of notorious Scattered Spider hacker collective. Emergency alert on US phones and TVs today - Don't worry, it's just a test.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to FCC adopts new rules to protect consumers from SIM-swapping attacks

FCC adopts new rules to protect consumers from SIM-swapping attacks - The Federal Communications Commission has revealed new rules to shield consumers from criminals who hijack their phone numbers in SIM swapping attacks and port-out fraud. FCC's Privacy and Data Protection Task Force introduced the new regulations in ...
10 months ago Bleepingcomputer.com
FCC Warns Carriers to Protect Customers Against SIM Swaps - A month after issuing new rules to push back against SIM-swap and similar schemes, the Federal Communications Commission is warning mobile phone service providers of their obligations to protect consumers against the growing threat. SIM swapping - ...
9 months ago Securityboulevard.com
FCC adopts lead generation rules to protect consumer privacy - The Federal Communications Commission adopted rules for the Telephone Consumer Protection Act that aim to protect consumers against robocalls and robotexts from lead generation and comparison shopping websites and give consumers the ability to choose ...
8 months ago Techtarget.com
Tell the FCC It Must Clarify Its Rules to Prevent Loopholes That Will Swallow Net Neutrality Whole - The Federal Communications Commission has released draft rules to reinstate net neutrality, with a vote on adopting the rules to come on the 25th of April. The FCC needs to close some loopholes in the draft rules before then. Net neutrality is the ...
5 months ago Eff.org
SIM swapper gets 8 years in prison for account hacks, crypto theft - Amir Hossein Golshan, 25, was sentenced to eight years in prison by a Los Angeles District Court and ordered to pay $1.2 million in restitution for crimes involving SIM swapping, merchant fraud, support fraud, account hacking, and cryptocurrency ...
10 months ago Bleepingcomputer.com
AI-generated voices in robocalls now illegal - The ruling, which takes effect immediately, makes voice cloning technology used in common robocall scams targeting consumers illegal. This would give State Attorneys General across the country new tools to go after bad actors behind these nefarious ...
8 months ago Helpnetsecurity.com
T-Mobile, Verizon workers get texts offering $300 for SIM swaps - Criminals are now texting T-Mobile and Verizon employees on their personal and work phones, trying to tempt them with cash to perform SIM swaps. The targeted employees have shared screenshots of messages offering $300 to those willing to aid the ...
5 months ago Bleepingcomputer.com
Ted Cruz wants to stop the FCC from updating data-breach notification rules - Sen. Ted Cruz and other Republican senators are fighting a Federal Communications Commission plan to impose new data-breach notification requirements on telecom providers. In a letter sent to FCC Chairwoman Jessica Rosenworcel today, the senators ...
9 months ago Arstechnica.com
Store manager admits SIM swapping his customers - A 42-year-old manager at an unnamed telecommunications company has admitted SIM swapping customers at his store. SIM swapping, also known as SIM jacking, is the act of illegally taking over a target's cell phone number and re-routing it to a phone ...
6 months ago Malwarebytes.com
Bringing Composability to Firewalls with Runtime Protection Rules - Rule control - Customers could not easily write their own firewall rules because of the use of proprietary languages that most teams weren't familiar with unless they received specialized training, or behind walled gardens only accessible by vendor ...
8 months ago Securityboulevard.com
What Are Firewall Rules? Ultimate Guide - Firewall rules are preconfigured, logical computing controls that give a firewall instructions for permitting and blocking network traffic. Network admins must configure firewall rules that protect their data and applications from threat actors. ...
8 months ago Esecurityplanet.com
FCC designates first robocall threat actor under new classification system - The Federal Communications Commission on Monday put an entity it is calling Royal Tiger in its crosshairs for facilitating fraudulent robocalls across international networks, making it the first group targeted through a new threat analysis and ...
4 months ago Therecord.media
eSIM Vulnerabilities: SIM Swappers Exploit Flaws, Hijack Phone Numbers - According to a new report, SIM-swapping crimes are rising worldwide, mainly committed by eSIM users. eSIMs are digitally stored SIM cards that are embedded using software into devices. As a result, hackers are now attempting to exploit ...
6 months ago Cysecurity.news
FCC partners with four states on privacy and data protection enforcement - The Federal Communications Commission's privacy and data protection task force will begin partnering with four state governments to strengthen enforcement investigations and pool resources, FCC Chairwoman Jessica Rosenworcel announced Wednesday. The ...
10 months ago Therecord.media
Understanding the New SEC Rules for Disclosing Cybersecurity Incidents - The U.S. Securities and Exchange Commission recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. "Currently, many public companies provide cybersecurity disclosure ...
10 months ago Feeds.dzone.com
FCC orders telecom carriers to report PII data breaches within 30 days - Starting March 13th, telecommunications companies must report data breaches impacting customers' personally identifiable information within 30 days, as required by FCC's updated data breach reporting requirements. FCC's final rule follows several ...
7 months ago Bleepingcomputer.com
FCC reminds mobile phone carriers they must do more to prevent SIM swaps - The Federal Communications Commission is warning mobile phone service providers to ensure they are shielding customers from cybercriminals who use fraudulent SIM swaps to take over unwitting victims' mobile phone accounts. The warning comes on the ...
9 months ago Therecord.media
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
10 months ago Esecurityplanet.com
T-Mobile pays $31.5 million FCC settlement over 4 data breaches - "With companies like T-Mobile and other telecom service providers operating in a space where national security and consumer protection interests overlap, we are focused on ensuring critical technical changes are made to telecommunications networks to ...
1 week ago Bleepingcomputer.com
Data broker's "staggering" sale of sensitive info exposed in unsealed FTC filing - One of the world's largest mobile data brokers, Kochava, has lost its battle to stop the Federal Trade Commission from revealing what the FTC has alleged is a disturbing, widespread pattern of unfair use and sale of sensitive data without consent ...
10 months ago Arstechnica.com
SEC confirms X account was hacked in SIM swapping attack - The U.S. Securities and Exchange Commission confirmed today that its X account was hacked through a SIM-swapping attack on the cell phone number associated with the account. Earlier this month, the SEC's X account was hacked to issue a fake ...
8 months ago Bleepingcomputer.com
Google Removes Foreign eSIM Apps Airola and Holafly from PlayStore - Google has removed Airola and Holafly from its PlayStore for Indian users due to their sale of international SIM cards without the necessary authorizations. The decision came from the department of telecommunications, which also contacted internet ...
9 months ago Cysecurity.news
FCC proposes 3-year cybersecurity pilot for schools, libraries - Dive Brief: The Federal Communications Commission this week proposed a three-year pilot program to study how the agency's Universal Service Fund can help schools and libraries fight cybersecurity threats. The pilot program, which would cost up to ...
10 months ago Cybersecuritydive.com
- In the contemporary landscape dominated by digital interconnectedness, the escalating menace of cybercrime has assumed unprecedented proportions. The latest threat on the horizon is the insidious 'SIM Swap' scam, an advanced scheme exploiting ...
9 months ago Cysecurity.news
Google Fi Data Breach Reportedly Led to SIM Swapping - The Google Fi telecommunications service has informed customers about a data breach that appears to be related to the recently disclosed T-Mobile cyberattack. Google Fi, which provides wireless phone and internet services, has told customers that the ...
1 year ago Securityweek.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)