Never mind losing your ID book or credit card – have you considered how much of your personal info is stored on the SIM card in your phone? By now you’ve probably come across stories about the dreaded SIM card swap and of bank accounts that were cleared out in the blink of an eye.
What is SIM card fraud?
How does it happen and what can you do to prevent it?
A typical scenario is this: you receive an email or SMS supposedly from your bank, or SARS, or even from the national lottery claiming you’ve won millions. There’s a link in the email or SMS enticing you to log in to your internet banking, via a fake page the scammers have set up especially to get your secret log in details. This is called ‘phishing’.
Most people who use internet banking have their OTPs (one-time pins) and other verification numbers SMSed to their phones before they transact online. Having already fleeced you of your log-in details, what fraudsters now need is your SIM card – and they don’t even need to steal it out of your phone.
All they need to do is go to your service provider pretending to be you, and say that your SIM card has been lost, destroyed or stolen and be issued a new one linked to your cellphone number – the very one that your top-secret OTPs and ‘In Contact’ messages from your bank are sent to.
It’s that simple. Worst case: your bank account is cleared out instantly. In less serious cases your airtime balance or loyalty points might be stolen.
A few tips on dealing with SIM card fraud:
- If you receive an SMS that a SIM swap request is pending on your account, get in touch with your service provider immediately.
- The same goes if someone calls you up, telling you to ignore an SMS about a pending SIM swap request. Don’t ignore it!
- How do you know if your SIM has been swapped? Two ways – you won’t receive SMS notifications from your bank anymore, and/or you suddenly can’t make or receive calls or messages.
- If you suspect SIM card fraud, tell your service provider to deactivate your SIM card immediately.
Don’t get phished:
- If you receive an unexpected email or SMS from your bank, no matter how genuine it looks, be suspicious. Call your bank’s customer centre to confirm if necessary.
- Don’t respond to these emails or SMS messages, and don’t click on any links.
- If you do need to log into your internet banking, always do so by typing the address directly into your browser, and not following a link.
- Don’t do your internet banking on a public computer, such as at an internet café or your local library.
- If you encounter an unprotected, free Wi-Fi spot, don’t log onto it – a scammer could have set it up in the hopes that they can skim personal details from you while you’re using it.
- Remember: your smartphone or tablet contains valuable info that fraudsters would love to get their hands on. Password-protect your devices and set the screen to lock after a minute of inactivity.
- Many devices have a ‘Find my Phone’ function that allows you to remotely wipe your device if it is lost.
- Don’t save your pins or passwords for any personal accounts to your device.
- Use strong passwords, and change them regularly. Don’t fall into the habit of using just one password for all of your accounts.
Take a look at a full list of common scams and hoaxes here.