People generally prefer mobile phones to log in to their banking app or any other financial transactions such as One Time Password (OTP), Unique registration number (URN), 3D secure code, etc.
This further increases the vulnerability as fraudsters conduct SIM swap/exchange and manage to get an OTP or alerts that come on that phone number. With the help of SIM swap, they get a new SIM card that has your registered mobile number through the mobile service provider.
In a tweet ICICI Bank said, "Stay vigilant and take the necessary steps by reporting this instance to your mobile network provider and by keeping a track of your network status. Beware of SIM Swap fraud. Do not switch off your phone! This could be fraudsters preventing you from noticing a tampered network connection."
How does a SIM swap function?
After getting your mobile number, fraudsters obtain your bank account details via phishing or Trojans/Malware. Under the garb of losing the mobile handset, new handset, or damaged SIM card, a fraudster approaches a mobile service provider by creating a fake identity of a genuine customer.
After customer verification, the mobile service provider deactivates the old SIM card and gives a new SIM card to the fraudster. The customer loses the network on the old SIM card and that means he/she will not get any SMS, information such as alerts, OTP, URN etc. on the phone.
With the help of phishing or Trojan/Malware, these fraudsters steal banking details and then access and operate your account and initiate financial transactions which you will not be aware of and all the SMS for alerts, payment confirmation etc. will go to the fraudster.
SIM swapping/exchange happens in a way that the fraudster sends a phishing email (or another similar phishing attempt) to get all your banking details. They also work towards getting the victims personal information and may even go as far as stealing identity and creating fraudulent ID documents.
In order to use all of this gathered information, they need access to the victim’s mobile messages - hence the SIM swap
Here’s how to keep it safe?
- Always stay alert and keep on checking the cellphone's network connectivity status. If you don’t get any calls or messages, then you should quickly find out from your mobile operator to be sure that you have not fallen victim to this scam.
- Few mobile network operators alert their customers via an SMS against a SIM swap - which means you can act and stop this fraud in its tracks by contacting your mobile operator immediately.
- Do not ever switch off your phone after getting irritated by unknown calls. Instead don’t pick up those calls as that can be a trap so that you don’t notice tampering of connectivity.
- Register for Alerts (SMS and Email) so that if you see any activity in your bank account, you will be alerted.
- Keep checking bank statements and online banking transaction history regularly to help identify any issues or irregularities.