Privacy and security
The importance of strong passwords and how to create them
Learn how to create strong passwords and manage them.
Read articleShelly Blackburn
Director, TELUS Data & Trust Office
Fraudulent text messages. Bad apps. Unsafe Wi-Fi networks. Unfortunately, the list of possible threats that can impact our mobile devices, and ultimately our online security and privacy, continues to grow. The latest scam that Canadians are being warned about is referred to as “SIM swapping”. Here’s what you need to know to help keep your device and data safe.
SIM cards are small removable cards that slide into our mobile devices. SIM stands for Subscriber Identity Module and the circuits contained within the cards connect our phones to our phone numbers. SIM swapping is a process by which a mobile subscriber transfers their phone number onto a new SIM card. Mobile users could have a legitimate need to do this, for instance, if they are switching mobile carriers or if they’ve lost their phone.
Established by the Canadian Radio-television and Telecommunications Commission, or CRTC, to help enable mobile users to more easily switch mobile service providers while retaining their number, fraudsters are using the relatively simple SIM swap process and guidelines to their advantage. Unfortunately, they are requesting unauthorized SIM swaps from mobile service providers or issuing requests to port (or transfer) victims’ phone numbers to different providers, all with the intention of gaining access to their victims' phone numbers. Once they gain control of the victim’s number and/or it is successfully connected to their device, the fraudster will begin receiving any calls and texts placed to the number. They can also use the password reset feature to gain access to any online accounts that have been linked with the mobile phone number - be it email, social media, online bank accounts and more.
Limit the amount of personal information about you online; fraudsters can use this information to verify your identity when attempting to swap your SIM. Be careful to not click on phishing emails (and texts) that ask you to provide and/or validate private information.
Don’t add your phone number to any online accounts where it is not necessary. The fewer accounts you have associated with your number, the lesser your risk.
Using the same password across multiple accounts is a hacker’s jackpot. When you use the same password across different accounts, remember that once they successfully hack one account, they’ve hacked them all.
Often, online accounts will require you to set up two-factor-authentication (2FA) for added protection; with 2FA, you need to authenticate yourself with something in addition to your username and password, such as a code that is sent to your device by text. With SIM swap fraud on the rise, you may want to use something other than your phone number for 2FA like an authenticator app or security key.
You may be a victim of this scam if your phone stops working properly - for instance you won’t be able to send or receive texts and phone calls. You may also receive a notification advising that your phone number has been activated with another provider and/or notice that you can no longer log in to your online accounts.
If you think something is awry and/or if you can’t make or receive phone calls on your device, contact your wireless provider immediately.
Additionally:
Just as it is important for mobile subscribers to take the necessary steps to protect themselves, wireless providers are also helping to mitigate the risk of unauthorized SIM swaps. From a TELUS perspective, SIM swap support requests are no longer supported by TELUS Call Centres; instead, customers are requested to log into My TELUS or go to a TELUS store for assistance. Additionally, when TELUS receives a request to port a mobile number to another carrier, TELUS will send an SMS notification about the request, providing customers with the opportunity to contact TELUS should the request be unauthorized. Customers can also contact TELUS (or any alternate mobile service provider) to discuss additional security controls that may be available.
Learn how to create strong passwords and manage them.
Read articleThe Canadian Anti-Fraud Centre would like to warn Canadians about a new variation of the bank investigator scam.
Read articleThe Canadian Anti-Fraud Centre is seeing an increase in reporting where fraudsters are using deepfake technology.
Read article