Imagine Someone Transferring big money from your bank account by just giving miss call – How it would be? For many people, it would be a nightmare. In one recent cybercrime case fraudster managed to dupe one person and take away 50 Lakh via fraudster transfer from a bank account.
Yes! In the recent Delhi case, a cybercrook made a big transaction of 50 Lakh from the bank account without asking for the OTP, just by giving repeatedly giving missed calls on a mobile phone. This is the new modus operandi of SIM swap fraud.
I tried to get some more details and more specifically some points that can prevent you from this type of cybercrime. Continue Reading to get the details.
Money Fraud with Just Miss Call – 5 Tips to Prevent
The incident detail is like this. The incident took place on October 10.
One big company director of security services firm received missed calls between 7 PM-8:44 PM.
He responded to some calls and ignored others. It is but natural behavior.
He checked his phone to check messages of RTGS transactions worth of nearly Rs 50 lakh.
Target finds multiple text messages from the bank informing about transactions.
A number of RTGS transactions worth over Rs 50 lakh carried out by crooks from the current account of the man’s company, this is as per the report.
Now cyber crime department suspect that it is due to SIM swap fraud. ‘SIM swap’ may have been carried out by the crooks.
It seems RTGS transfer and OTP is enabled over another phone using SIM Swap. They may have overheard the OTP being mentioned via IVR through a parallel call. This was the main reason for this fraud.
What is SIM Swap/SIM Cloning?
SIM Swap or SIM Cloning means Fraudsters gain access to the customer’s Subscriber Identity Module (SIM) card or may obtain a duplicate SIM card (including electronic SIM) for the registered mobile number connected to the customer’s bank account.
SIM Swapping is also known as SIM splitting, SIM jacking, and SIM hijacking. It is taking over the control of your mobile operations from your existing SIM to another SIM, that is in the control of the cyber fraudster. The cybercriminal gains access to your sensitive personal and financial-related information through this fraud.
Fraudsters use the OTP received on such duplicate SIM to carry out unauthorized transactions.
Fraudsters generally collect the personal / identity details from the customer by posing as a telephone / mobile network staff and request the customer details in the name of offers such as – providing a free upgrade of SIM card from 3G to 4G or providing additional benefits on the SIM card.
Steps by cybercriminals to do SIM Swap.
Step 1: Information collection
The fraudster employs various techniques to extract your personal information, they include –
- Phishing or sending fraudulent emails to collect your personal information.
- Vishing or fake calls to collect personal details
- Smishing or fake text messages (SMS) to collect information.
- Malware or software attacks hack into your device.
- Shoulder surfing or stealing your passwords by sneakily looking over at you while typing it on your device.
- Social media research or collecting your details from your accounts on facebook, twitter, Instagram, etc.
Step 2: Activation of new SIM card
The fraudster may carry out this step in the following ways:
Request the mobile operator to port the number to a new SIM
In this approach, after collecting your personal details the fraudsters calls the service provider or mobile operator, impersonating you and giving your details by answering relevant identification queries. After convincing the operator, they request for porting the mobile number to the new SIM card. The porting request is done on various pretexts like mobile being lost, stolen, broken etc.,
Request the mobile operator to block the SIM
Here the fraudsters approach the mobile operator with a fake ID proof with details collected from you and ask them to block the existing SIM on the pretext that the mobile is lost or hacked. Latter using the same fake ID, the fraudster requests for registering the same number with new SIM.
Step 3: Taking control
Once the new SIM card is activated with your number, the fraudster gains access to your mobile operations, passwords, codes, PIN, OTP etc., through which they can operate your bank accounts, do online shopping, hack your social media accounts etc., By swapping the SIM and hijacking your mobile number the fraudster can access your bank accounts and all applications even without passwords. Therefore this fraud can cause a grave threat to the mobile users.
What are the signs of SIM Swapping?
Many times it is seen that the subscriber may not even realize that their SIM is Swapped or cloned. By the time they understand the issue and act on it, the fraudster would have caused irreversible loss.
It is, therefore, necessary for any individual to be aware and alert about the following signs that may indicate SIM Swapping:
- Inability to make calls or send text messages
- Mobile signals not being available for an extended period of time
- Social media accounts being hacked can also be a sign
- Inability to login to any of your mobile applications
- Your login credential for various personal and financial accounts, are not being functional.
- Notification that your mobile number or SIM card has been activated elsewhere
- Notification that your password or PIN numbers are changed or accessed
5 Tips to Prevent Money Fraud
#1 Never disclose or share private sensitive information
You should never disclose private sensitive information online or on social media accounts or verbally over the telephone. The information such as PAN card number, Aadhar card Number, Birthdate etc.
#2 Set a strong and unique passwords for your mobile
Ensure that you have a unique and strong password for your mobile. If you can’t remember the password keep a strong pattern that is difficult to guess.
#3 Do not make your mobile number the sole authentication method for your
You can use your mail id or authentication app such as Google authenticator, which is tied up to your physical device rather than your mobile number.
#4 Register for regular SMS as well as e-mail alerts for your banking transactions
This will alert you of any transactions that may happen without your knowledge, enabling you to take immediate corrective steps.
#5 Do not switch off your mobile for long period of time
Many times fraudster tries to do continuous disturbing calls to make you switch off your phone to do this scam. So, do not switch off your mobile for a long period of time.
This will make you unaware of the connectivity issues if any on your mobile.
I hope now you have got a complete understanding of SIM Swap fraud. For more information please send me an email on email@example.com