A SIM swap fraud happens when someone steals your personal phone number and assumes your identity. The fraudster registers an existing mobile number on a new SIM card which they buy from local shops pretending that they are the original owner who have lost their SIM card. This makes it very easy for such an individual to access most of your private data, including email, social media accounts and bank accounts through mobile apps.
The fraudster will often access these details by intercepting the confirmation codes that were supposed to be texted to your device. This way, the fraudsters can clear your bank accounts, withdraw overdrafts, take loans, and even use your e-mail to get your family and friends’ contacts. Long before the victim gets wind of the SIM swap, they are left with empty accounts that they cannot access.
The possibilities of what can be done by fraudsters once they gain access to one’s SIM are mind-boggling. The digital criminals can successfully register an existing phone number on a new SIM card with the sole purpose of intercepting notifications, one-type passwords, online banking profile and transactions as well as changing the account security settings.
How SIM swap fraud occurs
SIM swap basically is a form of identity theft. In other circles, it’s called impersonation. The fraudster would call you, and play mind games on you. For instance, after you’ve received the call, he or she will refer to you by your full name, saying they’re calling you from your network service provider. They’ll thereafter read out your full ID number, and go ahead to ask you to confirm if the digits are correct. They do this to win your confidence. That’s what they want at stage one, before continuing with the fraud.
Stage two of their deceit is issuing out instructions. They’d be calm and patient, and you wouldn’t know that the commands that they’re making lead to them either getting more information about your mobile money or allowing them to activate the SIM swap prompts. Some victims are asked to dial the USSD code 33*0000*, #253257# or #72786#. These codes basically send a command that you’ve lost your SIM card, and are, therefore, initiating a swap process. Once you initiate the swap process, the network on your gadget disappears.
While offline, and maybe attempting to visit your network provider’s shop, the fraudster, armed with your details, would have already called your service provider, claiming that they’ve lost their SIM, and want to renew it. They will provide your details to the mobile service agent, who, unbeknown to them – or out of naivety – will help in activating the line. The fraudster, thereafter, access your mobile money, mobile banking, credit facilities, among others, to wipe out funds from the accounts.
How to tell if you’re a target of SIM swap
You can tell when your SIM card is a target of SIM swap, when you’re having no cell phone service despite there being good network coverage could be an indicator of an ongoing SIM swap. Also, being locked out of your phone’s online accounts, or mobile banking applications could be an indicator that a SIM swap is underway and/or has already been conducted. Getting phone notifications or prompts for things you have not authorised or asked for could also be caused by a SIM swap.
Getting incessant calls especially from strange numbers could also be an indicator of a looming SIM swap. The callers want you to switch off your phone and thus successfully perform the SIM swap. Should you note any of these pointers, it is time you inform your mobile service provider and inform them that you have not requested for any changes. It is also important to reach out to your bank and check on the transactions and sieve to sort any suspicious activities or transactions not initiated by you.
How to prevent SIM swap
Here’s how to avoid falling victim for SIM swap fraud.
1. Limit the amount of personal information you share online
Fraudsters often monitor our digital footprint and will pick the smallest details to convince your mobile service provider that they are you. Avoid posting anywhere public your full name, address, phone number and birth date. Also, do not over share details of your personal life on social media. Other than online, one should be very careful about leaving ID numbers and mobile numbers in public spaces as these details can be lifted by fraudsters from books, often left at building’s security checkpoints, to attempt SIM swaps.
2. Use strong passwords and security questions
Always use a password that is very difficult for anyone, including your closest acquaintances, to guess. It is recommended that the password should have 12 characters or more to protect your cell phone’s online account as well as that of other mobile apps such as mobile banking apps. If possible, use identity questions that are unique to yourself. Learn how to create a strong password.
3. For mobile banking apps, use both face and touch identification authentication whenever possible
Before installing a sensitive app such as a mobile banking one, ask the providers if they have a two-factor biometric system for identification and use both of the features when accessing the application. For instance, use both the fingerprint and facial identification features when using a mobile banking app.
4. Beware of phishing emails, texts and calls
Look out for impostors posing as staff from your mobile service provider or reputable financial institutions seeking private information from you. Hang up immediately and report the number to the relevant authorities.
5. Replace SIM card at the operator’s shop or care desk
A user can prevent the SIM swap by dialing *100*100# from your phone. This is a service that ensures that a customer’s line/SIM card can only be replaced by visiting the operator’s shop or care desk with your ID, or by calling the customer care.