There have been several stories in the news recently of businessmen & individuals losing money from their bank accounts due to SIM swap fraud.
What is SIM Swap Fraud?
This is the process by which your phone number is transferred onto a new SIM. The fraudster will then use the new SIM to intercept OTPs (one-time-passwords) and in turn, empty your linked bank accounts.
What does the Fraudster need?
In order to initiate a SIM swap (transferring your mobile number to a new SIM card), the fraudster would have to obtain your 20 digit SIM card number. This number is physically available on your SIM card. This can also be obtained by installing malware (malicious apps) silently on your mobile.
How does the Fraudster get the required information?
In most of the cases reported so far, the victim received a call from an individual claiming to be from the service provider (Vodafone, Airtel, Jio, etc.). The executive would offer the victim a better 4G plan (more data) or faster 4G speed. The unsuspecting victim would then provide the fraudster with their SIM card number.
What is the Modus-Operandi?
After successfully receiving the 20 digit SIM number, the fraudster would ask the victim to press 1 to authorize the SIM Swap.
A few hours later, the victims’ mobile number would stop working as it has been transferred to the new SIM (which is with the fraudster).
Once the fraudster has the victim’s mobile number, he has access to everything linked to that number.
If I don’t share by SIM card number, can this still happen?
Yes! Recently, a businessman lost Rs. 1.86 Cr. The businessman stated that he received a few missed calls and his mobile then stopped working. The next morning he found his company bank account linked to his mobile number has been almost emptied in the night! The detailed article can be found here.
What can I do to prevent this from happening to me?
Do not fall for special offers from mobile service providers.
Never share your SIM card number with anyone.
Android phone users should only install apps from the Google Play Store. Apps outside the store can contain malware (like a computer virus) capable of cloning your SIM and sending details to an external contact.
Do not open email attachments from unknown people.
Do not open pictures/videos on WhatsApp from unknown people. Simply opening a photo can automatically install malware silently.
Do not connect to Public Wi-Fi. (Airports, Coffee Shops, etc.)
Use a VPN App (Virtual Private Network).
Change your passwordsย periodically.
Learn about Spam, Phishing & Ransomware here.
Be safe.