On January 9, 2024, the Security and Exchange Commission (SEC) had their X account, formerly known as Twitter, hacked. The hacker gained access to the X account by obtaining control of the SEC cell phone number by doing a “Sim swap”. Sim swapping is the process of transferring a person's phone number to another device without approval. Once the hacker had control of the phone number, they reset the password for @SECGov, the X username. It has been established that in the past, multi-factor authentication was enabled. It was disabled by X support per the request of the staff.
Understanding SIM Swap Attacks
SIM swapping, also known as SIM hijacking, is a form of fraud that involves a scammer tricking a cell phone provider into transferring a phone number from one device to another. The scammer is then allowed access to the victim's accounts, such as bank accounts, social media, or cryptocurrency exchanges.
Tips to help prevent sim swapping:
- Use strong and unique passwords
- Enable two-factor authentication
- Use a password manager
- Set all social media accounts private
- Be aware of how much personal information you’re sharing online
- Keep your account security up to date
The Impact on Bitcoin Prices
The hackers posted a false update on the SEC’s X account, claiming that national exchanges were approved to list Bitcoin Exchange Traded Fund (ETF), causing the price of Bitcoin to spike to $47,680, roughly a 5% increase.
Once the SEC clarified that it had not yet approved the Bitcoin ETF, the prices for Bitcoin fell back below $46,000. While the post was only up for twenty minutes it still amassed over a million views.
The Importance of Cybersecurity for Businesses
Cybersecurity protects businesses from cyberattacks such as the attack on the SEC’s X account. Cyberattacks can cause disruptions, financial losses, data breaches and the spread of misinformation. Cyberattacks usually involve hackers, spammers, and other cybercriminals to gain access to a company’s system or even an employee’s device in order to steal sensitive information. Cybercriminals typically try to steal identity information, business plans, intellectual property, or other confidential information belonging to employees, clients, customers, or investors.
Some examples of cyberattacks are malware based which is harmful software that can cause damage or disrupt computer systems; further allowing hackers access to a network and giving them the ability to steal data. Ransomware, another malicious software, encrypts or locks the victim's data until a ransom is paid. Another common tactic is phishing, which is a fraudulent communication that appears to come from a reputable and viable source.
How SIM Swaps Can Lead to Investment Fraud
SIM swaps allow the hacker access to the victims' phone as well as all the apps associated with the phone. This gives the hacker the ability to invest the victims’ money or assets without their consent. Hackers tend to target investment accounts with high balances or those known for specific securities.
What to Do If You Suspect Investment Fraud
Once you have ensured all of your accounts are secure, report the possible investment fraud to either the Federal Trade Commission (FTC) or the SEC. This will help ensure no one falls victim to these scams.
Recognizing the Signs
Knowing and understanding the tactics of a scammer will help protect yourself against them and their fraudulent activities. Scammers often promise you’ll make big money with guaranteed income or profits. Scammers will also claim the investment takes very little time or effort and has little to no risk associated. They tend to be very vague and avoid giving details about the investment. Lastly, scammers may use high pressure sales tactics to force you into a rushed decision that does not allow you to further your research.
Reporting Fraudulent Activity
It is imperative that you report all fraudulent activity not only to protect other investors, but also to protect yourself from future scams. Report all suspected investment scams to the FTC or the SEC.
Seeking Legal Help
Arming yourself with knowledgeable and experienced attorneys that understand the litigation associated with investment fraud will help recoup any funds you may have lost during the cyberattack. Experienced cybersecurity attorneys can provide resources to avoid any further cyberattacks and help protect your digital assets.
Let Levin Law Protect You From Investment Fraud
As financial fraud attorneys, we handle all types of securities misconduct and related matters nationwide. Our firm provides highly qualified legal representation for cases involving cyberattacks, crypto hacks, cybersecurity and more. Our firm has recovered hundreds of millions of dollars for our clients. Having a knowledgeable cryptocurrency lawyer on your side makes all the difference.
Schedule a free consultation to discuss the best way to protect your digital investments.
