I have some questions:
1. Is there any carrier provider that allowed you to change your sim card or port to another device via phone call only?
2. If this case happens, can we blame our carrier provider on this or take some legal actions?
and what more tips or advice you can give to avoid this kind of attack.
Not sure about 1.
On 2, yes there have been cases where this has been successful. Example:
https://www.coindesk.com/crypto-investor-awarded-over-75-million-in-sim-swapping-hack-caseTips to avoid this
> Avoid storing your coins or funds for long term in a centralized exchange.
> Avoid using centralized cryptocurrency wallet.
> User hardware wallet or cold wallet.
Also, we wrote an article for Binance that does touch on some other ways to protect yourself (
https://www.binance.vision/security/common-scams-on-mobile-devices)
> Do not use your mobile phone number for SMS 2FA. Instead, use apps like Google Authenticator or Authy to secure your accounts. Cybercriminals are unable to gain access to these apps even if they possess your phone number. Alternatively, you may use hardware 2FA such as YubiKey or Google's Titan Security Key.
> Do not reveal personal identifying information on social media, such as your mobile phone number. Cybercriminals can pick up such information and use them to impersonate you elsewhere.
> You should never announce on social media that you own cryptocurrencies as this would make you a target. Or if you are in a position where everyone already knows you own them, then avoid disclosing personal information including the exchanges or wallets you use.
> Make arrangements with your mobile phone providers to protect your account. This could mean attaching a pin or password to your account and dictating that only users with knowledge of the pin can make changes to the account. Alternatively, you can require such changes to be made in person and disallow them over the phone.