FRESNO, Calif. (KFSN) -- How many times have you had an authorization code texted to you so you can sign into an account? Dozens of times... hundreds?
A new high-tech scam means you'll never look at those texts the same way again.
Take, tech entrepreneur Rob Ross. He built himself a nice little nest egg and then watched it crack in real time.
"I looked at my phone and there was a request for a withdrawal on my lock screen. I thought, 'I did not make a request for a withdrawal.' As I look up at my computer, I was being logged out of Gmail and I am like, 'Why am I being logged out of my computer?' and I look back at my phone and I notice there was no service."
Hackers took control of his accounts with what's called a SIM swap.
Within 20 minutes, they drained about $1 million dollars from his Coinbase and Gemini cryptocurrency accounts.
If it can happen to a tech guru, it seems like it could happen to anyone.
"Fortunately, SIM swapping is not very common," said Clovis Police digital forensics expert Destin Watkins. "It's considered a more advanced technique for cyber criminals."
Watkins says the process is complicated, but with a specific target and an embedded conspirator in the right position, like your local phone store, it could happen.
They'd need to grab your phone, take it to a specialized machine, clone your SIM card, then give the phone back and monitor your activity.
"Every phone call and every text message you receive, they'll receive at the same time," said Watkins.
When you get an authentication message, they get it too and they beat you into the account.
Watkins says it's most likely to happen in a domestic dispute, but it's much more common to see someone tracing your movements or your emails through your iCloud account.
"I've got two phones here. If I log into my account on this one and I log into the same account and you send me an iMessage, you're going to receive them on both devices."
Prosecutors in the Central Valley haven't seen any SIM swap cases yet, but in Santa Clara County, the DA's office is prosecuting SIM swap scams tied to five different teams operating in the U.S.
"They are often very young, have had no jobs before and are all of a sudden millionaires," said Erin West of the Santa Clara County DA's Office. "They are flagrant and obnoxious."
Protecting yourself can be as simple as not using your phone for two-step authentication.
Use something that's not stored in your SIM card, like the Google Authenticator or Authy apps, or physical authentication, like a Yubikey.
See more information about StopSIMCrime here.
ACTION NEWS ORIGINAL: SIM swap hack can empty your financial accounts - here's what you need to know