Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

The FCC Proposes Rules To Fight SIM Swap And Port-out Fraud

The FCC Proposes Rules To Fight SIM Swap And Port-out Fraud

The Federal Communications Commission in the U.S. this week announced that it started to work on rules that would pull the brake on SIM swapping attacks.

The decision comes after the agency “received numerous complaints from consumers who have suffered significant distress, inconvenience, and financial harm as a result of SIM swapping and port-out fraud.”

Taking the first steps

The FCC said in a news release on Thursday that they “began a formal rulemaking process” designed to fight scams that allow fraudsters to take control of consumers’ cell phone accounts.

Along with port-out fraud, scammers use SIM swapping (also called SIM jacking) to hijack someone’s phone number and get access to two-factor authentication codes for financial services in particular.

In a Notice of Proposed Rulemaking, the agency aims to introduce rules for mobile carriers to adopt secure methods for authenticating subscribers before redirecting a customer’s phone number to a new device or carrier.

Also Read: Top 10 Exceptional And Creative Website Design Guidelines

This means that addressing the issue will take some time, since a Notice of Proposed Rulemaking is only the first step towards achieving the expressed goal. Before the final rule, the public needs to be informed of the proposed rule and given the opportunity to submit comments, a period that ranges between 30 to 60 days.

SIM-swapping and port-out fraud are similar types of scams that involve social engineering skills from the threat actor.

Typically, a fraudster with personal details about their target calls the victim’s cell phone carrier asking to transfer the service to a different device or another carrier.

If successful, all communication is directed to the attacker, including two-factor authentication codes, necessary for identity verification when logging into an account or for password reset procedures.

SIM swapping behind huge losses

SIM swappers are usually financially motivated and go after online banking and cryptocurrency exchange accounts. There are also threat actors that use this method to steal social media accounts with special handles and then sell them – in 2019, the Twitter account of Jack Dorsey, Twitter CEO, was hijacked via SIM swapping.

FCC’s action comes after the agency “received numerous complaints from consumers who have suffered significant distress, inconvenience, and financial harm as a result of SIM swapping and port-out fraud.”

Last month, an AT&T customer filed a complaint against the company for failing to properly secure their account against a SIM-swapping attack. As a result, the customer lost about $650,000 in cryptocurrency tokens.

In February 2021, T-Mobile learned of a data breach after finding that multiple customers had become victims of SIM-swapping attacks.

Also Read: Data Protection Officer Duties And Responsibilities

A network of SIM swappers dismantled at the beginning of the year is believed to have stolen more than $100 million in cryptocurrency from thousands of victims, including celebrities in the U.S.

More recently, Europol announced that cybercriminals with links to the Italian Mafia engaged in SIM swapping attacks and other cybercriminal activity that brought them more than €10 million.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us