Beware of SIM Swap Fraud – Hacks Your Phone and Steals Money from Bank Account without your Knowledge.
Various messages doing rounds online since at least 2018 warn Smartphone users of SIM Swap Fraud growing over years. Fraudsters hack your phone and use the technique to gain access to your bank details before stealing off money. And all this usually happens without the victim’s knowledge. So, let us learn about how the SIM Swap Fraud works and find out ways to protect yourself from it.
What is SIM Swap Fraud
In cases like phone problem, loss of phone, or while switching service to a new phone, a customer can seamlessly port his telephone number to a device containing a different SIM (subscriber identity module). Fraudsters exploit this feature from a mobile phone service provider. They clone a user’s original SIM and get access to the victim’s mobile phone, thereby gaining access to his online bank account for stealing money.
First, a fraudster will gather personal details of the target victim using phishing emails, buying them from organized criminals, or by socially engineering the victim. Typically, the fraudster calls you acting as your service provider and offers some fake upgrades or information related to services. To avail the upgrades, the fraudster asks you to confirm a few important details. You then get an SMS or email carrying some kind of Trojan or malware to access your basic bank details and other information. After gaining your details, they approach your service provider in your name and request for SIM swap using some fake documents. In some cases, SIM numbers are changed directly by telecom company employees bribed by the criminals.
Within few hours, the company deactivates your old SIM, and issues a new SIM to the fraudster. Notably, in such cases, the new SIM will have all the data from the old SIM like contact lists, SMSes, emails, apps, messages, photos and other media. Likewise, the fraudsters can access all your mobile data with the cloned SIM, and use it for wiping your bank account clean.
During SIM Swap, your SIM will show no signal or network. And because the deactivation usually happens at night, you may not be alerted to your mobile phone with no network. Note, using SIM Swap the fraudsters can also take over your entire online presence.
Some Notable Cases
Using the SIM swapping, a number of high-profile hacks have occurred, including some on social media sites like Instagram and Twitter. In September 2019, Twitter co-founder and CEO Jack Dorsey’s Twitter account was hacked using this method. In June 2019, Matthew Miller, a contributor to ZDNet website also fell victim to SIM Swap. His Google and Twitter accounts were stolen and $25,000 was withdrawn from his bank account for a Bitcoin purchase. In June 2019, a senior citizen in India lost 25 lakh rupees from his bank account to such SIM swap fraud. FBI and U.S. Department of Justice have reported an uptick in SIM swapping crimes in 2020. They pointed the criminals are more often stealing digital currency using information found on social media.