If you haven’t witnessed SIM swap fraud, count yourself lucky. Sim Swap Fraud is a relatively new technique and a new form of fraud which allows hackers to gain access into your bank accounts, any personal data or credit cards. It is tough to comprehend how this system works, and even tougher to know on what can be done to undo the damage.
But besides this, there’s always a hope in recognizing the SIM card fraud’s basics that can help you stay alert from the most common forms of the attack.
What is a SIM swap fraud?
SIM swap fraud is the latest type of identity theft which exploits some of the most crucial user data which is stored in the SIM card. With an easier access to conduct banking transactions through cell phones, fraudsters have started seizing control over your phone number to get into your bank account. With this, the fraudsters try to transfer any kind of funds that are linked to online banking accounts through “SIM-swap,” which is a process of cancelling the SIM card linked to the victim’s number and then activating a new one on a phone which is under their control. This certainly means that all the transactions carried out later are diverted to the criminal’s phone, so this enables them to activate codes or any required authorizations for online fund transfers, which can be OTP (one time pin or password).
Laying the groundwork for conducting a SIM-swap scheme requires a lot of data collection about the victim as possible. There’s a possibility that the fraudsters might send phishing e-mails or messages that imitates legitimate businesses like health insurers or credit card providers with an intention of fooling the victim to source their legal names, date of birth, addresses, and contact details. Unfortunately, not many people can identify the difference between genuine emails and phishing emails.
How is it carried out?
- Firstly, the fraudster tries to secure the victim’s account details and the registered contact number through phishing or Trojans
- Later, they apply for a fake SIM card under the victim’s name in order to make it look the victim has lost the cellphone, and will further fake the individual’s identity
- Post the verification process, the mobile service provider deactivates the old SIM card and issues a new one (the one the attacker gets). Soon the victim will no longer have any network on their mobile phone which will eventually restrict any SMS or alerts from getting received. Since the victim wouldn’t receive any SMS or alerts, they would not receive an OTP or URN either. The worst part is that the victim would not even realize that the OTPs and other information have been going to the attacker, not you.
Even though the practice of this fraud has recently begun, however, a lot of victim’s have fallen prey to this fraud which is quite difficult to trace. However, after realizing the importance of protecting customer data, most of the banks have successfully installed a protective layer to prevent the number of fraudulent cases happening. If you’re a victim of this fraud, remember that it is not the end of the world. You need to stay aware and inform your bank as soon as you have any doubts.