SIM Swap

What is SIM-Swap/exchange fraud?

A mobile phone is a convenient banking channel. One can get account-related alerts,One Time Password (OTP), Unique registration number (URN), 3D secure code etc. required for financial transactions and make various financial inquiries through the mobile.

Under SIM swap/exchange, fraudster manages to gets a new SIM card issued for your registered mobile number through the mobile service provider. With the help of the new SIM card fraudster gets URN/OTP & alerts required for doing financial transactions through your bank account.

How does a SIM swap work?

  • Fraudsters obtain banking account details and your registered mobile number through phishing or through Trojans/Malware
  • Under the pretext of losing the mobile handset, new handset or damaged SIM card, fraudster approaches mobile service provider by creating a fake identity of genuine customer
  • Post customer verification, mobile service provider will deactivate old SIM card which is in customers possession and issue a new SIM card to the fraudster. There will be no network on customers handset. Now, customer will not receive any SMS , information such as alerts, OTP, URN etc. on the phone
  • With the banking details stolen through phishing or Trojan/Malware fraudster will access and operate your account and initiate financial transactions which you will not be aware of and all the SMS for alerts, payment confirmation etc. will go to the fraudster

They may get my SIM, but how did they get my bank details?

SIM swapping/exchange is usually phase two of a fraud attack. Initially, they send a phishing email (or other similar phishing attempt) to get all your banking details. These details can also be stolen using Trojans/Malware. They also work towards getting the victims personal information and may even go as far as stealing identity and creating fraudulent ID documents. In order to use all of this gathered information, they need access to the victims mobile messages - hence the SIM swap


Safety Tips:

  • Be vigilant and try to stay aware of your cellphone's network connectivity status. If you realise that you are not receiving any calls or SMS notifications for a long time, something may be wrong and you should make enquiries with your mobile operator to be sure that you have not fallen victim to this scam
  • Some Mobile network operators send customers an SMS to alert you of a SIM swap - which means you can act and stop this fraud in its tracks by contacting your mobile operator immediately
  • Do not switch off your cellphone in the event you are receiving numerous annoying calls, rather don't answer the calls. This could be a ploy to get you to turn off your phone or put it on silent to prevent you from noticing that your connectivity has been tampered with
  • Register for Alerts (SMS and Email) so that when there is any activity on your bank account you will receive an alert
  • Always check your bank statements and online banking transaction history regularly to help identify any issues or irregularities