Cell phone cloning, while not as major a problem as it used to be, continues to be an issue for some mobile phone users. Cell phone cloning is a method, using electronic equipment, for criminals to to steal the identity of a phone, hijack the carrier, and get free service for themselves. This can be anything from a minor nuisance to a catastrophe for the person whose phone is cloned. The consequences range from having bogus charges appearing on one’s bill, all the way up to criminal charges being filed if a cloned phone is then used to commit a crime. It is a serious problem. In this article, I will explain what cell phone cloning is, how it works, and what you can do to protect yourself against cell phone cloners.
How cell phone cloning works
Cloning a cell phone is a two-step process. First, the crooks use an electronic scanner to detect the electronic identity number of the SIM card in a nearby phone. There are a variety of different kinds of scanners and they can be found on the dark web among other places; it isn’t our goal here to teach you how to clone a phone so I’m not going to link to any of the places where they can be bought. Scanners are relatively expensive and relatively difficult to get, but it’s not impossible. Today, because most phones have significantly enhanced security against cloning operations, a phone cloner is much more likely to try to get physical access to the SIM card. With physical access to the card, cloning is relatively easy to accomplish.
Once the cloner has the information (usually consisting of the electronic serial number of the SIM card, and its authentication key), they will use a SIM writer to make a duplicate SIM card. Because SIM writers are legitimate tools with many legal uses, they are easy and inexpensive to acquire and anyone with $10 or $15 to spare can get one via Ebay without even trying. The cloner can then put the duplicated SIM card in another phone, and use that phone to make calls and connections under the original phone owner’s account.
It used to be much easier to clone cell phones than it is today. In the early days of cellular communication, both the phones themselves and the cell network they operated on used analog technology. Now all cell phones are digital and their signals are encoded and encrypted, making it almost impossible to scan for SIM information. There is one weakness in the system, however, and that is the existence of analog backups.
In high-traffic areas, many carriers keep analog cell stations running to handle overflow. When a single station becomes very busy, it overflows some calls to the old analog network. Someone with a scanner within range of that network can harvest your phone’s identifying information. Analog systems used CDMA technology which transmitted your phone’s ESN (Electronic Serial Number) and MIN (Mobile Identification Number) along with the call data. Digital systems use GSM which shifted to using a phone’s IMEI. Where once you could capture the ESN and MIN relatively easily and flash a blank phone with the data to clone it, IMEI is slightly different. Now you need to capture IMEI data and use a hardware SIM reader and writer to clone the SIM, not the card.
The signs of a cloned phone
There is no easy wat to tell that your phone has been cloned. However, there are a few telltale signs that may indicate something is up, including:
- A call from your carrier asking if you have traveled.
- A sudden increase in calls or SMS messages from unknown or unfamiliar numbers.
- More wrong numbers or abandoned incoming calls than usual.
- Disappearing voicemails or difficulty accessing your voicemail.
- More and/or unusual call activity on your bill.
If you do suspect foul play there are a couple of other things you can check.
If you use Android, use Google Find my Phone to see where it thinks you are. If you use iPhone, use iCloud to do the same. These are not exact, but they should at least offer a clue if your phone has been cloned by someone in a different country. However, this will only work if location is enabled on the phone.
The only other way to detect if your phone has been cloned is by keeping an eye on your phone bill. Check it each month and note any unusual calls. Use reverse phone lookup if they are not clearly identified to see who they might have been. Talk to your carrier if you have any suspicious calls, as they will be able to identify the cell tower with which the call originated.
Preventing phone cloning
The most effective step you can take to prevent your phone being cloned is not to let it out of your sight or let it fall into the possession of another person. Because of the enhanced security in the phone networks, it’s very difficult, bordering on impossible, for someone to effectively clone your phone just because you walk past their scanner. Instead, they have to physically get their hands on the device so that they can pull the identifiers off the hardware.
You should definitely secure your phone using a PIN number or a biometric (fingerprint) password, so that if you lose your phone, someone else can’t get access to it. To prevent wireless interception of your information, turn off Bluetooth and WiFi when you’re not using them. Don’t install suspicious apps that you aren’t 100% certain aren’t cloneware. Cellphone cloning isn’t as prevalent as it once was, but it still happens. While there is little to do to completely prevent it, these basic precautions will lower the chances significantly.
We’ve got a lot of other articles on cell phones.
Want to enhance your phone’s security? See our tutorial on preventing your cell phone from being tracked.
Think there might be hidden cameras around? We’ll show you how to detect hidden cameras with your Android smartphone or with your iPhone.
Need to charge a phone but all you have is another phone? You can charge one phone from another cell phone!
Want better signal on your phone? We’ve got a tutorial on improving cell phone reception.
Would you like a second phone number for your Android smartphone? See our article on how to get a second number for your phone.