AT&T rolls out “Wireless Lock” feature to block SIM swap attacks

AT&T has launched a new security feature called “Wireless Lock” that protects customers from SIM swapping attacks by preventing changes to their account information and the porting of phone numbers while the feature is enabled.

This new feature has been available for some customers for almost a year and has now been rolled out to all AT&T customers.

SIM swap attacks are when cybercriminals port, or move, a targeted phone number to a device under their control. This allows them to intercept the target’s calls, texts, and multi-factor authentication codes to breach further accounts, such as email, banking, and cryptocurrency wallets.

In some cases, threat actors conduct SIM swap attacks by tricking or bribing telecom employees into transferring numbers from customers’ SIM cards to a new device.

With the new AT&T feature, customers can log in to the company’s mobile app or website to “lock” their number, preventing anyone, including AT&T employees, from porting the number to a new SIM card or transferring it to another provider unless the setting is first disabled.

The feature also protects other types of information, such as changing billing information, authorized users, and changing phone numbers. Business accounts receive additional features, including the ability to exempt certain lines from the lock or restrict specific account changes when enabled.

While it is good to see that AT&T has finally released this feature, it comes late, as other carriers, such as Verizon, have had it for almost 5 years.

SIM swap attacks have been linked to numerous security incidents over the past five years.

In 2020, Joseph James O’Connor, aka ‘PlugwalkJoke,’ pleaded guilty to conducting SIM swap attacks that resulted in the theft of $794,000 in cryptocurrency.

In 2021,  T-Mobile warned some customers that attackers conducted SIM swap attacks to compromise other accounts they owned. In 2023, hackers exploited a data breach at Google Fi to carry out SIM swaps.

Threat actors, like those associated with Scattered Spider, have been charged in the U.S. for using SIM swaps to infiltrate corporate networks.

Other recent attacks include eSIM hijacking campaigns where criminals activated electronic SIMs in victims’ names to seize control of numbers.

However, it is not always third-party hackers who conduct the SIM swap attacks.

Last year, Verizon and T-Mobile employees began receiving texts on their personal and work phones, trying to bribe them with $300 to perform SIM swaps.

In 2023, the FCC adopted new rules to require stricter identity verification during SIM swaps and number transfers.