Lawmakers Ask FCC to Protect Consumers from Phone Hijackers

Nor Gal/Shutterstock.com

Featured eBooks

Digital First
Cybersecurity & the Road Ahead
Emerging Technology Trends

The request comes amid an uptick in SIM swap scams.

A half-dozen lawmakers asked the Federal Communications Commission to require wireless carriers to better protect consumers from new forms of phone hijacking.

In a letter authored by Sen. Ron Wyden, D-Ore., and signed by five House and Senate members, lawmakers pressed FCC Chairman Ajit Pai to use the regulatory agency’s authority over wireless carriers to respond to a growing number “SIM swap scams.” In these scams, fraudsters convince wireless carriers to transfer mobile accounts over to them, where they can hijack login credentials and commit other crimes, such as emptying victims’ bank accounts. Increasingly, scammers are using these attacks to bypass two-factor authentication that relies on text messages. (There are other kinds of 2FA, including authenticators and physical keys.) Once scammers take ownership of a mobile account, texts and calls intended for the victim go to scammers instead.

“Consumers have limited options to protect their wireless accounts from SIM swaps and are often not informed about these options by carriers until after they have been victimized,” the lawmakers write. “Consumers have no choice but to rely on phone companies to protect them against SIM swaps—and they need to be able to count on the FCC to hold mobile carriers accountable when they fail to secure their systems and thus harm consumers.”

The Federal Trade Commission warned the public of these kinds of attacks in October after a rapid influx of incidents. There were 215 SIM swap attacks reported by the public in 2016. In 2019, the number of such attacks grew to at least 728, according to FTC data, though “consumer complaints usually only reflect a small fraction of the actual number of incidents,” the lawmakers said. Citing a Wall Street Journal report, the lawmakers said a single law-enforcement task force in Santa Clary County identified more than 3,000 victims and $70 million in losses nationwide due to SIM swap attacks.

“The impact of this type of fraud is large and rising,” the letter states. “To that end, we urge the FCC to initiate a rulemaking to protect consumers from SIM swaps, port outs and other similar methods of account fraud.”

The letter, also signed by Sens. Sherrod Brown, D-Ohio, and Edward J. Markey, D-Mass, and Reps. Anna G. Eshoo, D-Calif., Yvette D. Clarke, D-N.Y., and Ted Lieu, D-Calif., requests responses by the FCC by Feb. 14.