Everyone prefers digital options rather than physically visiting a place for work. Be it changing the bank account personal details like a phone number or email id, swapping the sim to some other operator; everything is possible digitally. Although this digital transformation of the people has several benefits, it has a few serious loopholes too. And these loopholes give chances for hackers to steal personal information and misuse it.
One such rising cyber-crime is sim card swap fraud. Almost all the telecom operators provide the facility of swapping the sim cards to other operators. The process of sim card swapping is so easy that consumers do not hesitate to carry out this process. If they do not receive a good signal, or the internet speed is slow, they can immediately switch to another operator, without having to worry about issuing a new sim or changing the existing phone number.
How Sim Card Swap Fraud Works?
It may not seem like a very serious crime and also harmless to some extent. But come to think of it, now sim cards or to say your 10-digit phone number is just not a number used to make calls, it is much more than this. All your bank accounts, emails, password change OTPs, transaction OTPs, Aadhar linking, almost everything is linked with this 10-digit phone number. Now you can think of the seriousness of the crimes that can take place if someone has access to your sim.
As the technology has advanced, so have the hackers and they have a trick to break in into anything. Sim card swap is also one of the cyber crimes that is speedily spreading. Especially during the pandemic, since most of the work, transactions, shopping, food ordering, etc is done through phones, hackers have got their hands on it.
To begin with, hackers try and persuade you to share an 18-digit pin to swap the sim card on their name and then use it in whatever way they want. Another trending way that the hackers are using to swap the sim cards is they call you as the telecom operator representative and ask you to share the 18-digit pin just received in order to link your aadhar card with the phone number.
They can also access your details and use data often exposed during data breaches or information that you share publicly on social networks to trick the call centre into changing the SIM card linked to your phone number swap the number to the sim that they have.
Anup Singh Duped of 94K Under The Sim Card Swap Fraud
One such sim card swap fraud happened with Anup Singh in the Jodhpur district of Rajasthan. Anup is 67 yrs old, a retired librarian and lives with his son. A cybercriminal called the victim pretending to be an executive of a telecommunications company and hacked the victim's SIM card by asking him to send a PIN code link the phone number to Aadhaar Card.
Talking about the fraud, he said, “I had received a call from a person who introduced himself as a manager of a telecommunications company and told me that my Addhar Card was not linked to my number. The executive further told me that if the SIM card was not linked to Aadhaar, my number would be disconnected, and to avoid disconnection, I would have to send an 18-digit PIN to the customer service number. As the executive did not ask for my bank or Aadhar card details, I sent the 18-digit PIN to the customer service number without hesitation.”
Soon, his sim got disconnected on his mobile and later he realised that 94 thousand rupees were withdrawn from his account. He soon realised what had happened to him and immediately filed a police complaint.
After investigating the case, the police officials said the victim's phone number was linked to his bank account and the scammer used his cell phone number to access the bank account. The 18-digit PIN code was actually a new SIM PIN code purchased by the scammer, when shared with customer service, it enabled SIM swapping to another operator, and the number got activated on the sim that the hacker had. After that, Anup’s SIM card got deactivated and the scammer took control of his phone number. The scammer used the phone number to complete transactions from the bank account, using the OTPs submitted for verification.
How To Prevent Sim Card Swap Fraud?
To avoid falling a victim to sim card swap fraud, keep the following points in mind.
- If your phone does not have network connectivity, check with your mobile operator for the status of their service.
- Do not share any personal or account information on the phone during an incoming call. Do not share any OTPs or codes over call or SMS.
- Sign up for both e-mail and SMS alerts with your bank.
- Monitor your bank account transactions regularly.
- Install a security application on your phone that can identify malware and Trojans.
- Beware of phishing emails and other means by which attackers may attempt to access your personal data to help them convince your bank or mobile operator that they are you.
- Increase the security of your mobile phone account with a unique, secure password and a solid question and answer that only you know.
- If your telephone operator allows you to set a secret code or a separate PIN code for your communications, consider doing so. It could provide an extra layer of protection.
- Do not create your identity and security authentication linked only to your phone number. This includes SMS, which is not encrypted.
- You can use an authenticator app like Google Authenticator, which gives you two-factor authentication, that functions through your mobile rather than the phone number.
- See if your banks and the mobile operator can combine their efforts, share their knowledge of SIM swap activity, and implement user alerts and additional checks when SIM cards are reissued.
- Banks can use technology that analyzes customer behaviour to help them discover compromised devices, warning them not to share any passwords, OTPs or codes.
- Some telecom operators call back customers to make sure they are who they say they are and to catch identity thieves, immediately block your number if you think something is fishy.
One reason why a phone number may not be the best way to verify your identity is sim card swap fraud. It is a tamper-proof authenticator. Adding extra layers of protection could help keep your accounts and your identity more secure. To know more about the latest news and cases of cybercrime, stay connected with The Digital Yug.