SIM Swap: How To Protect Yourself And Your Family!

by birtanpublished on September 9, 2020

I'm just gonna come right out and say it SMS verification and two-factor authentication for all intents and purposes is a security risk nearly equivalent to having a pin of 1 2 3 4 or a password like password 1 it's just a bold-faced liability in modern times sim

Swapping is the Big Kahuna the digital devil the kind of hack you wouldn't wish on your worst enemy in the event that you need to protect yourself from a sim swap I've got you covered but now you're wondering what the heck is a sim swap

Well a sim swap attack is when a hacker socially engineers your cell service provider into switching your cell service and phone number over to a SIM card that is in their control this means that they receive all your phone calls

SMS and a whole bunch more for all intents and purposes they become you to any service that uses your phone to identify you this is very very bad and it often happens so fast in the middle of the night so it's really hard to

React effectively when it is happening once the hacker has your phone in their control they use the standard SMS Recovery Options to get into your email then they use your email and any other SMS multi-factor authentication accounts

To get access to all sorts of things like your bank's online stores and a whole bunch more all along the way they're changing passwords they're locking you out of things they might be deleting accounts and if your security

Is not tight enough online this could be catastrophic think catastrophic like bank accounts drains social media taken over locked out of all your online store accounts and that sort of thing a simple google search about sim swaps will prove

My point here this is happening all over the place and it can happen to anyone so here's how to protect yourself from sim swaps all the way from preventing them altogether to minimizing the damage if you were to get hit with one so first

And foremost how can we prevent sim swaps in the first place I will caveat this with saying there is no perfect defense but here are the best practices number one call your cell service provider and set up a six to

Eight digit pin that will be required to do anything to your account including swapping your sim all providers will do this so brave the customer service wait time and just do it make sure it's not

Your birthday your birth year your phone number or anything else it's easily linked to you and then for one layer of extra protection have the associate marked down on your account that you want a sim lock then any sim Schwab's

Must be done in store with a show of valid ID so that you physically have to go somewhere this may be an inconvenience for you if you ever do need to swap your sim but it could very well save you in the end now the next

Thing is do not share your phone number widely this is one that I've struggled with and other people have struggled with just take it from me don't share your phone number out all over the place take it out of your email signature

Don't post it online don't submit it to every online service that asks you for it once a SIM swap attacker targets you the next step is to find your phone number so don't make that process really really easy one great way to do this is

To create a free Google Voice number to use for public facing calls web forms and that sort of thing so you are not exposing your real phone number but you can still punch one in when required on a web form now finally don't make

Yourself a target for sim swaps in the first place this is not guaranteed because you can't control everything about it but if you make a lot of money great good for you don't post about your fat stack of cash

And what bank you have hackers will take note and eventually you will be targeted if you have a lot of crypto also keep it quiet no one has to know how much you're sitting on and it can also make you a target

Rule of thumb keep as much to yourself as you possibly can now we'll caveat all of these efforts with the simple fact that many advanced sim swap hackers or attackers have insiders within the cell service provider businesses that can

Bypass your PIN skip your request for in-store sim swaps and even simpler still the sim swapper can verbally convince the phone support agent to switch your service over to their sim even with these protections in place

These are real problems too so in order to minimize the damage of a sim swap attack and to stop the hacker dead in his or her tracks if their swap is successful here are some best practices that are

Equally important if not more important than what we've already discussed let's dive right in if you're using SMS two-factor authentication on any account for recovery switch it to a hardware token or Google Authenticator if that's

Not an option delete the account it sounds crazy but seriously get rid of it SMS authentication or SMS two-factor authentication is terrible trust me on this one once someone gets one account it can often lead to others especially

In regards to email I cannot overstate the importance of protecting your email especially Gmail because if a hacker gets access to it they now have access to your calendar your photos your Google Voice account your cloud storage and

Your emails themselves oh don't forget the hundreds of passwords that are probably stored in Google password manager so here's how to secure your email first and foremost log into every gmail account or other email account for

That matter that you have and follow the following steps hey you want to remove all backup emails and phone numbers for Gmail that's under my account Google com go to the security tab and then ways we can verify its you get rid of both of

Those things instead enable two-factor authentication with the Google Authenticator app or better yet use a Yubikey hardware key and their subsequent Google Authenticator style app that uses the hardware key to

Authenticate your codes now see you want to handwrite your backup codes in pencil and store those in a safe place so you can recover accounts in the event that you lose your multi-factor authentication device or your physical

Yubikey these can be used to recover your account if you don't have your existing to FA methods handy and then D never ever add another phone or email as a backup again that is a one-way ticket for a hacker to get into your email now

If you want to take this to the next level you can use a separate non-cellular connected device like an old iPhone with no SIM card as your primary Google Authenticator device so all it will be used for is to have that

App there to connect it to Wi-Fi get your at one time codes punch them in and then turn the phone back off this way your two-factor device is air-gap from the rest of your devices and your primary phone

But this is something that's next-level insecurity furthermore and this is critical I would recommend creating a unique email address for sensitive accounts like crypto exchanges banks and the like you can go totally nuts by

Creating an individual email for each one of these accounts but I think that's just fine to create one single email that has a complex unique name that is solely used for managing these accounts do not send emails from it to anyone do

Not show it to anyone do not leave it logged in on your computer it's a secret email as far as anyone's concerned you don't have it this way if one of your emails were to be taken over by an attacker your most sensitive accounts

Are still safe and cannot be recovered from those emails next you want to eliminate all unnecessary accounts and public information on the web so go into your Facebook your LinkedIn your other profiles and delete your work info your

Birthday your location information and all that sort of thing if your dog's name is your security question for your bank please change it because we all know you have at least 40 Instagram posts about your dog who doesn't this

Info can be used to socially engineer control of your identity because Packers can take advantage of the information they can readily find online to prove to someone like a customer service agent that they're you this includes removing

Any identifying information from your cloud drives because cloud drives are never a guarantee in terms of security now that means removing things like your tax returns your credit statement PDFs your utility bills from your Google

Drive iCloud Dropbox and etc and to move them into an external storage location which I will link below some cheap options for that I use very often next you want to use unique passwords for each account that you have and you want

To use a password manager like keeper – Lane and etc to store those password again to store those passwords again links below to some of my favorite password managers you can check them out now for bank accounts and crypto

Exchanges make sure that you require Google Authenticator or Hardware key verification for as many different account functions and actions as possible that includes changing your personal

Info changing your password making transactions and the like if for some reason your account is breached this can save you from the worst possible scenario of a drained account if you can block actions on the account using 2fa

Now as always folks I will post a couple of Awesome videos here that I think you'll really enjoy and if you have the time to stick around I would highly encourage you to do so but of course thank you so much for watching and until

Next time Cheers

Related Videos

Hello the Republicans and welcome to another video of my cryptocurrency news series where I'm looking at the news that happened last week now today's 28...
What's up crypto gang welcome back to another episode if you guys are doing here we do a giveaway at the beginning of every single episode and today's w...
What's going on guys crypto jeremy here back with xrp video hope you guys have a fantastic day thank you guys so much for tuning in to another video and the...
What's up guys kevin cage here just wanted to do a quick market update on this monday so as we can see ada ada is down 11 today we noticed that it is coming...
Hello the Koopalings and welcome to another video in my cryptocurrency event overview series the aim of the series is to find any upcoming cryptocurrency events...
Ladies and gentlemen people of the internet welcome back to yet another episode of crypto over coffee hope you're doing well today and if you're new her...
Hey guys welcome back so first of all I want to start as usual by thanking everybody who's been liking subscribing and sharing my content you're helping...
Hi i'm brad garland house the ceo here at ripple it's an honor and really a privilege for us to be one of the founding members of the international asso...
Hello the cubicles and welcome to another video maker of the currency event over the series the aim of the series is to find any upcoming the currency events an...
I have to apologize to everybody because I've been promoting a company who only has their best interests at heart top salesmen best interests at heart and n...
It is Monday and you know what that means another episode of Krypto segments what's going out everybody it's your boy Krypto Bobby I hope you were havin...
What's going on everybody Alex back was another cryptocurrency video but today we're going to be talking about how to control yourself how to emotionall...
Hey guys welcome back first off I want to thank everyone who's been liking subscribing and sharing my content you guys rule and I appreciate all the constan...
Live from the USA hoping you get paid every day this stuff boasts a Bitcoin the crease though of creeped up is avoid BK and if you don't like me you must no...
Okay come down here boom that would be picture-perfect beautiful guys look at this we actually have this candle come down right on this line right here right ab...
Wow you guys are going to want to check this out guys as you may know Bitcoin has decreased a few hundred dollars as of about midnight last night we have some i...
What's going on guys crypto jeremy here back with xrp video hope you guys had a fantastic day thank you guys so much for tuning in to another video today&#3...
Hello tokens and welcome to another video nice update now today's third of June and I'm looking at news that happened from 28th of May until today I alw...
hello it's Brad Lori or blockchain Brad and today we're speaking exclusively with icon many of you know it you've known it for years and they'r...
People what's going on this an update on Tron all right so the market right now market cap is 431 billion we've got a Bitcoin dominance roughly 34 perce...