SIM Swap
A mobile phone is a convenient banking channel. One can get account-related alerts,One Time Password (OTP), Unique registration number (URN), 3D secure code etc. required for financial transactions and make various financial inquiries through the mobile.
Under SIM swap/exchange, fraudster manages to gets a new SIM card issued for your registered mobile number through the mobile service provider. With the help of the new SIM card fraudster gets URN/OTP & alerts required for doing financial transactions through your bank account.
A mobile phone is a convenient banking channel. One can get account-related alerts,One Time Password (OTP), Unique registration number (URN), 3D secure code etc. required for financial transactions and make various financial inquiries through the mobile.
Under SIM swap/exchange, fraudster manages to gets a new SIM card issued for your registered mobile number through the mobile service provider. With the help of the new SIM card fraudster gets URN/OTP & alerts required for doing financial transactions through your bank account.
- Fraudsters obtain banking account details and your registered mobile number through phishing or through Trojans/Malware
- Under the pretext of losing the mobile handset, new handset or damaged SIM card, fraudster approaches mobile service provider by creating a fake identity of genuine customer
- Post customer verification, mobile service provider will deactivate old SIM card which is in customers possession and issue a new SIM card to the fraudster. There will be no network on customers handset. Now, customer will not receive any SMS , information such as alerts, OTP, URN etc. on the phone
- With the banking details stolen through phishing or Trojan/Malware fraudster will access and operate your account and initiate financial transactions which you will not be aware of and all the SMS for alerts, payment confirmation etc. will go to the fraudster
SIM swapping/exchange is usually phase two of a fraud attack. Initially, they send a phishing email (or other similar phishing attempt) to get all your banking details. These details can also be stolen using Trojans/Malware. They also work towards getting the victims personal information and may even go as far as stealing identity and creating fraudulent ID documents. In order to use all of this gathered information, they need access to the victims mobile messages - hence the SIM swap
Safety Tips:
- Be vigilant and try to stay aware of your cellphone's network connectivity status. If you realise that you are not receiving any calls or SMS notifications for a long time, something may be wrong and you should make enquiries with your mobile operator to be sure that you have not fallen victim to this scam
- Some Mobile network operators send customers an SMS to alert you of a SIM swap - which means you can act and stop this fraud in its tracks by contacting your mobile operator immediately
- Do not switch off your cellphone in the event you are receiving numerous annoying calls, rather don't answer the calls. This could be a ploy to get you to turn off your phone or put it on silent to prevent you from noticing that your connectivity has been tampered with
- Register for Alerts (SMS and Email) so that when there is any activity on your bank account you will receive an alert
- Always check your bank statements and online banking transaction history regularly to help identify any issues or irregularities
Learn more about safe banking tips through interesting videos
An application to enhance the security of your online account with OTP
Learn about Credit Scores, Nomination, Banking Ombudsman and more.
Read the RBI advisory against Phishing emails sent in its name.