Has the US communications industry done enough to protect customers from SIM swap frauds? The answer is no, if you believe David Silver (pictured) of Silver Miller Law:
“I counsel clients every day on the dangers of the weak security protocols mobile telecom providers have,” said Silver Miller Managing Partner David Silver “and how those unchecked weaknesses pose such a persistent danger to all mobile phone users. Those weaknesses are not cellphone customers’ fault, but they certainly become those customers’ problem; and Silver Miller tirelessly fights to help people who have fallen victim to both substandard telecom provider security and bad actors who leverage that weakness for their own illegal profit”
Several years ago, the lamestream media tried to persuade ordinary people that SIM swap fraud represented a terrible threat to every poor schmo with a mobile phone. They succeeded in generating some attention for themselves but lawyers like Silver understood who should really be worried about SIM swaps: cryptocurrency investors. No fraudster will socially engineer a call center employee just to steal from a random bank account which might be empty, and the attraction of cryptocurrency is that there is a better chance of stolen money disappearing without trace. Lawyers, like crooks, also have more to gain when the victims of crime have deep pockets. The SIM swapping page on Silver Miller’s website emphasizes their experience with this kind of client.
Cryptocurrency, in fact, is one of the primary targets of SIM swapping thieves. As one of the nation’s leading advocates for cryptocurrency investors, we are uniquely skilled and prepared to assist victims of such theft in pursuing their claims and their efforts to recover their stolen assets.
Telcos are always going to have many customers who will suddenly and unexpectedly need to replace their phones. Whether their previous phone was stolen or misplaced, this will be a stressful time for an ordinary person. Phones are a lifeline for some people. They may get emotional if they struggle to satisfy ID checks required to switch their service to a new device. Demands for the universal imposition of tougher ID controls are only made by people who never have to deal with an irate customer whose ID cards were lost or stolen along with their phone. Instead of treating all customers the same, telco risk managers can better learn how to protect their business, and the customers who most need protection, by understanding which lawsuits are most attractive to lawyers.
Anyone victimized by SIM swapping who has had valuable assets taken from them due to a cell phone carrier’s failed security protocols — especially if “enhanced security” was promised — should contact Silver Miller to discuss his/her legal options. Silver Miller is at the forefront of cryptocurrency and financial fraud litigation and fights to protect investors.
The message for how to prioritize risk mitigation is clear.
- Emphasize the availability of enhanced security protocols and give customers the option to take it. If they do not take it, then the customer has consciously chosen to accept more risk. If they do take it, then the customer has consciously chosen to accept a greater burden when they ask to switch to a new device.
- Associate enhanced security protocols with staff who are less likely to be corrupted. SIM swappers have repeatedly explained that a telco’s greatest security weakness is its call center staff. Fraudsters use bribes and social engineering to persuade call center staff to execute SIM swaps. Minimize the risk of enhanced security protocols being undermined by expanding the concept of VIP treatment so that any customer who demands more rigorous security is served by staff who are subject to more extensive training and oversight, or who have proven themselves through their length of service in the call center. If that means the customer has to wait longer for service then turn this into a positive by explaining the customer can only be served when an elite member of staff is available.
- Ask customers if they will use their mobile phones for SMS-based two-factor authentication of cryptocurrency wallets. Instead of giving all customers general warnings about fraud, your business can identify the high-risk customers and explain the risks they are taking. It may not sufficiently motivate them to adopt a more secure form of two-factor authentication, but it will serve as additional mitigation if the customer sues because a SIM swap fraud was used to intercept an SMS one-time password relating to their cryptocurrency wallet.
Lawyers do not chase cases unless they expect to profit them. Their profits are your business’ losses. Use this knowledge to reduce losses whilst encouraging customers to adopt a risk appetite that is appropriate for their circumstances. Not every customer will take the hint, but the ones who continue to engage in riskier behaviors will find it harder to shift responsibility to your business.



