Mobile numbers have become an identity for many services, including banking services that are being offered through mobile these days. Banks has built many security features around mobile numbers like transaction messages, One Time Passwords for financial transaction, etc. Access to such information is essential for fraudsters to possess in order to defraud customers.
What is SIM Swap fraud?
SIM Swap fraud is an account takeover scam in which fraudsters try to get duplicate SIM card from telecom operators on the pretext of lost/damaged SIM or in connivance with operators' representatives and then access confidential information sent by the bank.
The new SIM card is then activated on the fraudster's device, allowing them to receive calls and texts meant for the victim. This gives the fraudster access to sensitive information, such as 2-factor authentication codes, which they can use to steal money or other assets. To protect yourself from SIM swap fraud, it's important to secure your mobile phone account with a strong password and to use 2-factor authentication on any accounts that support it.
How does it occur?
> Fraudsters obtain your mobile number and other bank account details from Phishing, Vishing, Trojan/Malware attack or social engineering tactics.
> Then they ask the telecom service provider for replacement of SIM or number porting to a new SIM on some pretext like new handset or loss/damage of SIM/handset.
> Fraudsters may connive with representative of telecom operator or produce fake documents to get the duplicate SIM.
> With the banking details stolen through Phishing or Trojan/Malware, fraudsters will access and operate your account and initiate financial transactions which you will not be aware of since SMS alerts, payment confirmations, etc. will go to the fraudster.
How do I prevent or stop a SIM swap fraud?
> Enquire with your mobile operator if you have no network connectivity and you are not receiving any calls or SMSes for unusually long periods.
> Verify the status of the SIM card with your telecom service provider when in doubt instead of believing an unknown caller.
> Do not neglect bulk notifications that look suspicious or messages sent from your network provider that highlight a probable SIM-Swap. Act quickly on such messages.
> Never switch off your smartphone in the event of you receiving numerous unknown calls. It could be a ploy to get you to turn off your phone and prevent you from noticing a tampered network connection.
> Never click on unverified/unknown links or web link.
> Register for instant alerts (both SMS and Emails) that inform you of any activity in your bank account.
> Check your bank statements frequently to identify irregularities.
> Set an upper withdrawal limit for banking transactions.
> Don't share confidential details like Aadhaar number and SIM card number with unknown callers.
> On realizing that a scam has occurred, contact your bank immediately and block all your accounts.