In the current age we are living in a parallel virtual world where mobile phones have become an integral part. With the help of a mobile phone, the technology has made everything available on the go for us. The mobile phone has revolutionized communication and enabled transaction of every kind possible at the click of button.
This wide spread prevalence and usage of mobile technology, has lured the cyber criminals to resort to new and sophisticated ways of committing cybercrimes and frauds. Mobile SIM swapping and SIM cloning are two such kinds of cyber frauds, being practiced by fraudsters for cheating the mobile subscribers.
SIM Swapping and Cloning are online scamming methods in which the fraudsters gain control over your phone number and your mobile is compromised.
What is it ?
SIM Swapping also known as SIM splitting, SIM jacking, SIM hijacking is basically taking over the control of your mobile operations from your existing SIM to another SIM, that is in control of the cyber fraudster. The cybercriminal gains access to your sensitive personal and financial related information through this fraud.
Why do fraudsters resort to SIM swapping and how does it affect you?
Having control over your cell phone number or mobile SIM, will enable the scamster/fraudster to have access to your OTPs, PIN numbers and authentication text messages (SMS), which gives them access to your valuable and sensitive personal and financial information to commit frauds.
How does SIM Swapping take place?
It is by managing to register a new SIM card with your current mobile details that the fraudster resorts to SIM swapping fraud
A Subscriber Identity Module (SIM) is a chip in your mobile phone, which tells your device which cellular network to connect to, and which phone number to use. A SIM, stores user data in Global System for Mobile (GSM) phones, without a SIM card, GSM phone will not be authorized to use a mobile network. It is a valuable source for fraudsters.
What is the Modus Operandi of SIM Swapping usually followed by fraudsters?
Step 1: Information collection
The fraudster employs various digital social engineering techniques to extract your personal information, they include -
- Phishing or sending fraudulent mails to collect your personal information.
- Vishing or fake calls to collect personal details
- Smishing or fake text messages (SMS) to collect information.
- Malware or software attacks to hack into your device.
- Shoulder surfing or stealing your passwords by sneakily looking over at you while typing it in your device.
- Social media research or collecting your details from your accounts in face book, twitter, instagram etc.,
Step 2: Activation of new SIM card
The fraudster may carry out this step in the following ways:
- Request mobile operator to port the number to new SIM In this approach, after collecting your personal details the fraudsters calls the service provider or mobile operator, impersonating you and giving your details by answering relevant identification queries. After convincing the operator, they request for porting the mobile number to the new SIM card. The porting request is done on various pretexts like mobile being lost, stolen, broken etc.,
- Request the mobile operator to block the SIM Here the fraudsters approach the mobile operator with a fake ID proof with details collected from you and ask them to block the existing SIM on the pretext that the mobile is lost or hacked. Latter using the same fake ID, the fraudster requests for registering the same number with new SIM.
- Making the subscriber activate the SIM swap In this approach, the fraudster makes a fake call to you posing to be executive of service provider and in the pretext of offering you better package or data or mobile coverage etc., convinces you to share your 20 digit SIM number available on the SIM card. Upon collecting the SIM number the fraudster activates the SIM swap and asks you to press 1 to authenticate the SIM swap.
Step 3: Taking control
Once the new SIM card is activated with your number, the fraudster gains access to your mobile operations, passwords, codes, PIN, OTP etc., through which they can operate your bank accounts, do online shopping, hack your social media accounts etc., By swapping the SIM and hijacking your mobile number the fraudster can access your bank accounts and all applications even without passwords. Therefore this fraud can cause a grave threat to the mobile users.
What are the signs of SIM Swapping?
Many a times it is seen that the subscriber may not even realize that their SIM is Swapped or cloned. By the time they understand the issue and act on it, the fraudster would have caused the irreversible loss.
It is therefore necessary for any individual to be aware and alert about the following signs that may indicate SIM Swapping:
- Inability to make calls or send text messages
- Mobile signals not being available for extended period of time
- Social media accounts being hacked can also be a sign
- Inability to login to any of your mobile applications
- Your login credential for various personal and financial accounts, not being
- Notification that your mobile number or SIM card has been activated elsewhere
- Notification that your password or PIN numbers are changed or accessed
What are the Security measures to be adopted against SIM swapping?
To stay protected and secure yourself against SIM swapping, the following precautionary measures are helpful:
Never disclose or share private sensitive information
Ensure that you do not share your private sensitive information online on your
social media account. Also never disclose it to anyone else either over mails, calls or text messages.
Ex.: Address, bank details, credit/debit card details, aadhar, PAN card no. etc.,
Have a separate PIN for your communications on your mobile
In case your service provider has this feature, have an additional layer of security by having PIN for your communications on your mobile.
Set strong and unique password for your mobile
Ensure that you have a unique and strong password for your mobile
Do not make your mobile number the sole authentication method for your
You can use your mail id or authentication app such as Google authenticator,
which is tied up to your physical device rather than your mobile number.
Avoid syncing your mobile with other devices
Avoid synching your mobile with other devices like company owned computer etc., as it may provide opportunity for malicious mobile applications to snoop into other devices with sensitive information.
Register for regular SMS as well as e-mail alerts for your banking transactions
This will alert you of any transactions that may happen without your knowledge, enabling you to take immediate corrective steps.
Do not switch off your mobile for long period of time
This will make you unaware about the connectivity issues if any on your mobile. It is also seen that sometimes the fraudsters make continuous disturbing calls to the subscriber in an attempt to make him switch off the phone to carry out their operations.
Never give undue information or permissions to the apps being downloaded on your mobile. Install anti-phishing and anti-malware protection on your device.
Do not tamper with the security settings on your mobile and only always use genuine softwares only.
What is it?
SIM Cloning in basically creating a duplicate SIM from the original one. It is similar to SIM swapping. However this is a technically sophisticated technique, where software is used to copy the real SIM card. It is done to get access to victims International Mobile Subscriber Identity (IMSI) and encryption key, which are used to identify and authenticate subscribers on mobile telephony. Cloning the SIM will enable the fraudster to take control and track, monitor, listen to calls, make calls and send texts using the mobile number.
Why do fraudsters resort to SIM cloning and how does it affect you ?
SIM cloning enables the fraudster to stealthily operate victims mobile by monitoring mobile phone, listening to their calls, tracking their location, gaining access to their personal and financial accounts etc., It enables the fraudster to impersonate the user by making calls or sending text message from the victims number. The two-factor authentication mechanism will enable the fraudster to change the passwords of victims account as he has access to incoming messages, through SIM cloning. The fraudster can easily hack the victims personal and financial accounts , have access their passwords, PIN, OTP etc., and resort to financial scam, blackmail etc.,
How does SIM Cloning take place?
In SIM cloning attack, the fraudster gains access to the victims physical SIM card and uses a smart card copying software to create a duplicate of the original SIM. In the process they get access to the IMSI (International Mobile Subscriber Identity) number of the SIM card. They may also resort to remote hacking, by breaking the encryption of updates sent to the SIM via SMS using over-the-air (OTA) communication.
About IMSI Number of the SIM
Every mobile SIM card issued by Telecom Company has an IMSI (International Mobile Subscriber Identity) number. This IMSI number is a 15 digit code that linked to that specific SIM, identifying and authenticating the individual subscriber owning the SIM card. It indicates the subscribers country, mobile network among other details to identify a mobile phone.
What is the modus-operandi to clone a SIM card?
The following is the usual process usually followed by fraudsters to clone a SIM card.
Step 1: copying the original SIM using software tool
The attacker gets an access to the physical SIM card and places it into a card reader, which is attached to a computer with duplication software installed in it. This software will then copy the number on to a new/blank SIM available with the fraudster.
Step 2: contact victim with a request to restart the mobile
The fraudster will then send an SMS to the victim with a request of restart the mobile on some pretext. Once the victim switches off his mobile, the fraudster starts the phone with duplicate SIM in his control, before the victim restarts his mobile. This act will successfully initiate/activate the mobile with cloned SIM card.
Step 3: Take over the control
Once the cloned SIM is successfully initiated the attacker will take over the victim’s mobile number, SIM and his account.
What are the signs of SIM Cloning or how can you know that your SIM is cloned?
- The victim will not be able to receive or make calls or SMS from their mobile number.
- You can observe calls being made to unrecognized numbers from your mobile, when you observe the calls/mobile bill statement.
- You receive text messages posing to be from the service provider to restart your mobile.
You may be able to locate your device elsewhere when you track the location of mobile using services like Find my iPhone or Google find my device.
You may notice unexplained expenditures in your bank statements.
You may notice that your passwords are changed and you are unable to access your accounts. This is possible as your PINs or passwords can be accessed and changed by the fraudster using the two factor authentication method, to which he will have control after SIM cloning.
What are the Security measures to be adopted against SIM cloning?
- Do not make your mobile number the sole authentication method for your
- identity verification
- Avoid syncing your mobile with other devices
- Register for regular SMS as well as e-mail alerts for your banking transactions
- Do not switch off your mobile for long period of time
What action should you take if you suspect being a victim of SIM Swapping or Cloning?
- Immediately contact the service provider immediately, in case you find that your mobile number is inactive or out of range for long time. Take back the control of your mobile number, with changed password.
- Verify and change or reset the passwords and PIN numbers of your sensitive financial accounts and social media accounts.
- Check your financial statements like credit/debit card, bank, payment apps and other financial accounts for any unauthorized charges/changes. Immediately report about any changes or charges to respective authorities.
- In case of a SIM fraud, contact phone banking immediately to have your account blocked and avoid further fraud. Latter submit your identity documents by writing the proper reason and sign for getting the new SIM.
- Check for any authorized posts or activity on your personal or social media accounts. In case you notice any such posts take corrective steps and inform the social media help Centre to regain control of hacked account.