In 2005, investigations revealed phone hacking activities of the UK tabloid newspaper News of the World, highlighting to the world the vulnerabilities of mobile technology, and the potential for SIM card attack.
Image from Toronto StarIn 2013, German security researcher Karsten Nohl revealed at the Black Hat conference of hackers in Las Vegas how easy it was to break into SIM cards by simply sending a text message, which may even be hidden to the user of the phone. In doing so, he exposed the flaws in SIM security, and showed how someone with the requisite knowledge could easily break through.
Since then, security issues have persisted, with another concern being SIM card cloning.
What data do SIM cards hold?
SIM cards can hold more than just a phone number, and can include user identity, location and phone number, network authorization data, personal security keys, contact lists and stored text messages.
What is SIM card cloning?
Cloning means reading the contents of a SIM card, and then writing this content into the memory of another SIM card. Anyone can clone a sim card in person if they have the right tools, but cloning one wirelessly is more difficult.
There are reports of spam phone calls being used to clone SIMs remotely by manipulating the user into dialing certain numbers beginning with +92, #90 or #09, seemingly from Pakistan and Turkey.
Far more likely than this however, is you unwittingly giving information over the phone to a scammer pretending to be from a telecom company.
More basic security measures are more likely to pay off in the long run:
Simple Security Measures
Locking your phone, meaning that anyone trying to access it can only do so with pin swipes and number codes
Android: Settings>Security>Screen Lock
iPhone: Settings>Passcode>Turn Passcode on
Locking your SIM card, which will mean anyone trying to use the SIM will need to input a code.
Android: Settings>Security>SIM Card lock
iPhone: Settings > Phone > SIM PIN
