On Thursday, The Federal Communications Commission (FCC) said it will tighten rules for cell phone service, in an effort to rein in SIM swapping scams and port-out fraud, two ways fraudsters can access a person’s cell phone account and phone number for nefarious purposes.
In a statement, FCC says that it has received numerous complaints from consumers who have suffered significant distress, inconvenience, and financial harm” due to SIM swapping and port-out fraud. And recent data breaches have exposed customer information that could make it easier for bad actors to carry out these kinds of attacks successfully.
SIM swapping is when someone hijacks your cell phone number so they can intercept two-factor authentication codes — the ones you use to verify a log-in or account access — to gain access to your account information.
Port-out fraud happens when the fraudster poses as their victim and opens an account with a different cell phone carrier than the victim’s and has the victim’s phone number transferred — or ported out — to the new account with the different carrier.
In most instances, if someone has access to a piece of personal identifying information, they can pull off either (or both) of these scams before the victim realizes what has happened.
The FCC has now issued a formal notice of proposed rulemaking and said in a press release it wants to amend the current rules to require carriers to adopt more secure methods of authenticating a customer’s identity before they redirect service or a phone number to a new device or carrier. The agency is also proposing requiring carriers to immediately notify a customer whenever a SIM change or port request is made on their account.