Blog Detail

SIM SWAP Scams are Rising, Know-How not to become a Victim


The number of SIM swap cases has risen to three times in the last five cases. In 2015, people only reported 144 cases in the UK. At present, there are more than 483 cases all around the UK. It's not just the UK where people are losing their bank accounts due to SIM Splitting, other two noteworthy countries where people reported these scams are India and Nigeria.

Criminals swap SIM to get full control over the bank and other accounts of a person with two authentication factors or code. They get access to accounts, change their personal details, and start exploiting it.

As more and more cases are reported, getting an idea of what SIM SWAP is and how not to become a victim is essential knowledge.

What is SIM SWAP SCAM?

It is also known as SIM Splitting, SIM Swapping, SIM Jacking, Port Out Scam, and Smishing. Two-factor authentication is regarded as one of the most effective security measures for your online accounts on social media and banks. According to this method, a person doesn't only add a password but also provides (One-Time-Password/ OTP) to make a transaction or login to his account.

He gets OTP on his phone number via text or phone call. Criminals have found a way to circumvent this most robust security measure through SIM smishing. They SWAP your SIM by making the phone company think that you have lost your phone, and you need this SWAP on your new mobile.

Losing a phone and swapping SIM to a new phone is a common thing. For this swap, a person needs to share his personal details like name, birth date, maiden name, secret question answer, etc.

These days, getting access to these personal details is not difficult. Criminals get access to these details in the following ways:

  • bribe the phone company's employee and access the personal data of anyone.
  • stalk their target on social media where people share it all
  • do data mining online by hacking the company's security system

Once criminals get all the details, they call the phone company and pretend to be the victim. When a company asks for personal details, they provide it and pass a security check. Next, they request a SIM Swap and change all personal information.

An Incident That Leads to SIM SWAP Awareness

People didn't know hackers hijacked much about SIM Splitting fraud until Jack Dorsey's Twitter account. Jack Dorsey is the Chief executive officer of Twitter, and his SIM swapping created a buzz on social media. The criminal held his account for 30 minutes and posted tweets of profanity, Adolf Hitler, and a racial slur.

Dorsey wasn't the only victim; some weeks later, another incident was reported. Jack Monroe, the food writer, and campaigner lost 5000 pounds from his bank and payment accounts, which were accessed through the hijacker's phone.

After investigation, it was clear that Dorsey and Monroe were the victims of SIM SWAP fraud. Action Fraud has shared some statistical data that explain that SIM Smishing incidents have been rising since the last five years. Thousands of people have lost their accounts, and this scam has made UK residents lost 10 million pounds all those years.

Security measures for phones and financial accounts have changed a lot over all those years, but the rate of fraud remained consistent throughout this time. Some cases were nothing but an inside job where Telephone company's employees leak data to criminals for money. In contrast, other SIM Swap scam cases were all about those criminals who knew all about the right mixture of confidence tricks and online stalking.

The latest method of SIMjacking is one where criminals request PAC (porting authorization code). Through this code, they quickly port the victim's number to a new network. Once they own the victim's number, it's time to intercept bank authorization sent through SMS or other codes to the same number on different networks.

How to Know That You Have Become a Victim of SIM Swap Scam?

As soon as your number is ported to another network or swapped to another phone, your SIM will stop working. Worst of all, your financial and social accounts will be compromised because criminals don't take much time to change the main accounts' personal details. People lost their Instagram, Facebook, and bank account due to such scams.

You may or may not get a text message or email before the swap takes place. If it happens, immediately contact Your telephone company and report the incident. Ask them to look into this matter. Your bank accounts provider and tells them that your account has been taken over by criminals so that you won't lose all your money.

Many cases are reported by people where criminals quickly change details and make significant money transactions or payment transfers to another account. Bank has the policy to defend itself from this scam activity.

The telephone companies receive the major criticism for making this swap and not taking strict measures to stop such activities. Although many security checks are put in place, criminals still access the most important details that lead to cybercrimes and identity theft problems. Banks may investigate the matter and stop future transactions due to this scam, but they may or may not return the money the criminal already withdrawn. They have a valid argument that they don't have any control over Phone number swapping.

Our industry relies on Mobile phone companies for ID checks. Therefore, they need to introduce the best security measures to mitigate these threats associated with SIM smishing scams. If your account is hijacked by criminals and the bank is not helping much with disputed transactions, you can get help from the Financial Ombudsman service.

They will investigate the case by taking a 360 view of the transaction. These service providers listen to every party and gather all facts. Before they decide about disputed transactions, they consider laws and regulations, terms and conditions of accounts, and industry codes.

How Not to Become a Victim of SIM Swap Scam?

Here are some precautionary measures that will create a security net around your phone number and financial accounts.

  • Never open unsolicited messages and emails. Hackers can easily access your personal data and essential information in this way.
  • Do not respond to an unsolicited call. If a criminal pretends to become a network service provider or some professional from a phone company, do not share any personal details.
  • Be smart and see what is coming.
  • When it comes to social media, make sure you do not overshare your personal details, name of your first school, pet, children's name, birth dates, etc. Hackers use first school and pet names to answer the most frequently asked questions related to your account.
  • Immediately contact the telephone company and bank if your SIM stops working.
  • Always use a unique password; do not use the same password for all accounts. Do not keep a pet name as your password.