SIM Swap Fraud – How Fraudsters Can Con You
Fraud
25 October 2024

Vodacom

SIM Swap Fraud – How Fraudsters Can Con You

Know the threats, learn to identify them and take steps to overcome them. 

If you have ever lost or damaged your SIM card or had your phone stolen, you will know that doing a SIM swap to get a new/replacement SIM card is relatively easy. But there is a threat that comes with this convenience. Fraudsters can also approach you pretending to be you and request a SIM swap on your number. This is called SIM swap fraud.  

To perform a fraudulent SIM swap, fraudsters need certain personal and sensitive information of the victim. They get these by using social engineering schemes to deceive victims into disclosing this information. While these schemes have evolved, there are a handful of common strategies fraudsters employ to get the information they need. These include: 

 

  • Phishing: A classic scam which involves fraudulent attempts to obtain your personal and sensitive information, such as identity numbers, passwords, etc. typically via email. 

 

  • Vishing: This is similar to phishing, but this time the fraudsters use voice calls to deceive individuals into sharing sensitive information or performing certain actions. 

 

  • Smishing: This is a take on the word 'phishing,' with exploitation happening through SMS or text messages instead of email. 

 

  • Theft of documents: These include documents such as credit card statements, identity documents and the like to acquire confidential information. 

 

Once the fraudsters have obtained the required information, they are able to answer various security-related questions asked within the SIM swap process. If they are successful at the authentication stage and if the legitimate customer after receiving notice of the SIM swap request does not dispute it, the SIM swap will be processed, leaving the customer with a SIM card that is no longer active and therefore not unable to receive and make calls or text messages since their network access and all services will divert to the new/replacement SIM card now in the hands of the fraudster. 

Fraudulent SIM swaps typically target customers who use online banking facilities to commit internet banking fraud by intercepting SMS notifications, including ‘InContact’ and ‘NotifyMe’ messages, one-time-pins (OTPs) or verification numbers sent by financial institutions to the customer’s specified cell number to authenticate account activity. In lesser instances fraudulent SIM swaps are performed with a view to abuse content services, access airtime balances on prepaid SIMs, gain access to customer loyalty points, and perpetrate various social engineering attacks, including taking over WhatsApp or social media accounts.  

But you don’t have to become a victim. Protect yourself against fraudulent SIM swaps by preventing fraudsters from getting access to your personal and sensitive information. It also helps, to look out for the most common warning signs of SIM swap fraud:  

  

  • If you suddenly lose connectivity or stop receiving calls and text messages, do not assume that it is a problem with your handset or the network. Contact customer care on 082135 immediately to confirm that there has not been any untoward activity on your number – including a SIM swap request. 

 

  • If you receive an SMS message alerting you to a pending SIM swap request, do not ignore it; contact customer care (082135) immediately.  

 

  • In addition, if you receive a call or message claiming to be from customer care telling you to ignore a SIM swap notification, act urgently to report this. 

 

  • If you receive any phishing messages, (including vishing and smishing), the best course of action is to not respond or interact with the senders or callers and immediately report this to the implicated source. 

 

  • Be aware that, prior to actioning a fraudulent SIM swap, a common tactic used by fraudsters is to make nuisance calls to a potential victim in order to get the victim to switch off their phone and therefore not receive notifications of a pending SIM swap request. 

 

  • Exercise extreme caution with any requests for personal and sensitive information and don’t disclose such information to anyone, even persons claiming to be acting on behalf of your network operator or banking institution.  

 

  • Do not open emails or reply to unsolicited messages from unknown sources and never click on links in email messages from people you do not trust or know – even if these appear to come from a familiar source, such as your service provider or financial institution.  

 

  • Do not overshare personal or sensitive information online (e.g.: date of birth,  physical or email address, employment details etc.) as fraudsters often resort to social media profiles to gather information that may help them impersonate you.  

 

  • Reinforce your security across your devices & accounts and with two-factor authentication (2FA) or multi-factor authentication wherever possible - change your passwords and PINs immediately if you suspect your security has been compromised. 

 

  • If you have been a victim of an attempted SIM swap fraud, notify your service provider immediately and register a case with the SAPS. Also request your bank to block and monitor your bank accounts. 

 

For any additional information on fraud prevention, please access this link: https://help.vodacom.co.za/personal/subtopics/55/Mysecurity/354/Fraud-prevention

thumb

Vodacom

Next Article

Subscribe to our Newsletter:

Vodacom 2024. All rights reserved