Fraud alert: You may be victim of an illegal SIM swap right now -- and not be aware
Fraudsters are using this technique, wherein they divert all your banks financial alters by getting your real SIM card blocked and exchanged with a fake one, that through via your very own service provider.
What's the easiest way for someone to break into your house? The window? Not always. It could be through the door, especially if someone has a duplicate copy of your house keys. In today's times, your mobile phone's SIM card can work like a duplicate key as well, which fraudsters can use to sweep clean your savings bank account without you having the slightest hint about it. How so? Well, they use a type of fraud called SIM swap.
SIM Swap: Today, our mobile phones carry loads of information on them, from contact details, personal photos, emails and SMSs to ATM withdrawals alerts, one time passwords (OTPs) and other financial details.
Mayur Joshi, CEO, Indiaforensic.com, a company engaged in the prevention, detection and investigation of frauds, says, "Fraudsters are using this technique, wherein they divert all your banks financial alerts by blocking your real SIM card and exchanging it with a fake one -- through your very own service provider. They simple get a brand new SIM card for your registered mobile number from your service provider."Sounds shocking, doesn't it? And since they have access to your OTPs, financial accounts and card related alerts, financial frauds are committed with you even getting your bank alters.
The modus operandi: Fraudsters send you a harmless looking Trojan or malware and get access to your basic bank account basic details and your mobile number. They then approach the service provider (posing as you, with fake papers), claiming that the mobile handset (which is actually your number) is lost, or that the SIM card is not working properly. After verification, the service provider (let's not get shocked about service providers verification standards, we all know where they stand), deactivates the old SIM, which is in your mobile. The fraudsters get a new active mobile SIM card. And, since your SIM card has no network, all your financial SMSs, OPT alerts and other financial alerts or transactions confirmations fall into the hands of fraudsters.
Joshi adds, "In fact, we have heard of instances where even dishonest bank employees use customers data, including Know Your Customer (KYC) copies, to block customers' mobile numbers and making financial transactions. This way, the customer has no idea that a transaction has happened on their card or account, as he/she does not get the alerts. Indeed, he/she might think there's some issue with his network connection or that the SIM card is corrupted."
There is more to this: Joshi says, "This is a two/three level fraud. Where the fraudsters first get your bank details via phishing emails, or malware or Trojans,they block your SIM via the SIM swap technique."
Simply put, phishing is a kind of e-mail fraud technique in which the fraudster sends out genuine-looking emails/ website links in an attempt to gather your personal and financial information. Joshi further notes that by the time you realise your mobile network is down or SIM card is blocked and go to the service provider with KYC documents to figure out what's wrong, the fraudster has already shopped with your credit card or swept clean your bank balance.
What you can do about it: Let's face it, there's nothing much you can do from your side, apart from being more vigilant. Of course, today we simply can't live without mobile connectivity, which means if for some reason, you don't get network connectivity, or calls or texts for a substantial amount of time, get in touch with your service provider.
While its true you don't need us to tell you that, it needs to be mentioned nonetheless. Some service providers send text alerts before a SIM Swap, which means, you might want to read your service providers SMS carefully going forward, and not simply assume they are trying to sell you the latest lady Gaga ringtone download. Experts say, it's best to register for SMS and email alerts on your bank account or card activities. Banks may charge you a few hundred rupees, but it's certainly worth it.