How to Prevent SIM Swapping
Now, for SIM Swapping, it is a type of attack that has been there for quite a while but nowadays it has become more fashionable in hackers. It consists of something as simple as getting a duplicate of the SIM card of the victim, through the mobile operator which they use to bypass the 2-step verification (OTPs & PINs that come to SIM) process to gain access to the victim's bank account, credit card numbers and other personal information. It is difficult to identify and very difficult to get rid of.
To carry out a "SIM swap", it is necessary to collect as much information about the victim. They can send phishing emails that emulate those usually sent by recognized companies such as credit cards or insurance or they can call you interpreting as if they are calling from a bank to issue you a credit card with a higher limit for which they want to verify your details.
The idea is to have access to your legal names, birth dates, phone numbers, and address.
After the hackers have your personal information now they will try to swap your SIM. It goes like this...
You get a call from the hackers
You: - Hello
Hacker: - Am I talking to Mr. Anand?
You: - Yes
Hacker: - Sir, I am Jay from Airtel, Delhi. We have received your number which is 9982 ****** 71. Your current location is Vikas Puri. I want to convey that the tower is being maintained in this area by the Airtel Company. Because of which your signals may drop. We are calling all customers in this area to share this update. You have to go to your nearest retailer store of Airtel within 7 days to deposit your old SIM and take a new SIM. Only then you will get the signals correctly. However, if you want, I can do all this process on this phone right now so that you do not have trouble.
You: - Sir, what would be better than this? Please get this done on the call itself so that I do not have to go out.
Hacker: - Sure Sir! I am generating a code on your phone. You will receive this in your inbox. And you have to go to the inbox and type that code and send it to 121.
You: - Sir, as you told me I sent the message. From there I have received a response.
Hacker: -Yes Sir! Now you have to write 1 inside the same message.
You: - I have sent that message too.
Hacker: - Thanks, Sir! Your confirmation has come to us. We will be upgrading your SIM. Thank you, have a great day ahead (while in reality, bad things have just started).
Friends, the message that is being sent during this call contains the number of a new SIM. This will automatically turn off the old SIM and the new SIM will be allocated which the hackers will have access to.
Most operators will not do this if the customer does not respond to the security questions information. And that's why these thugs are looking for as much information as possible about the victim.
Once they gain access to the victim's number, the criminals focus on their bank account.
Many banks send a security code to access an account or to change a password of the account. This means that the attacker can request and receive the access code for your account and then do his dirty work.
The third technique is used with the help of MNP(Mobile Number Portability). In this, hackers try to get the MNP code which the victim receives via SMS on his/her phone. Hackers can use this code to port the victim's number on to a new SIM of some other operator within 7 days.
How to Identify This
It is difficult to detect this type of fraud before it happens. Most victims only realize when they can not make a call or send a message since the SIM card they have is disabled. The most common way to prevent it though is to apply your common sense.
1. You have to avoid sharing a lot of information on the internet and check what kind of alerts or updates you have with your bank and mobile operator in order to prevent this from happening.
2. Do not share OTP with anyone. Do not give credit card or debit card details.
3. If you have linked your mobile number to your bank then also link your personal email ID as well. So, if the hacker withdraws money, though you will not get a notification SMS because your SIM is locked. At least you will get all the notifications via email.
4. Always keep all security features related to social media on so that those people can see your information, which you want. Do not add strangers.
5. Do not open the message or email sent by unknown people to social media or email. It can contain a virus that can share all your information to hackers.
6. If you do mobile banking, download the Trusted Mobile App.
7. Use trusted e-wallet and keep the limited amount required in e-wallet.
8. Do e-shopping only on trusted websites.
9. Make the women and the elderly in the house aware of this. Hackers easily obtain confidential information from them.
10. Do not SMS the number of the base card to the unknown mobile number. Register your own Aadhaar card by visiting the bank.
If you are a victim of this fraud, it is not the end of the world, because acting quickly can prevent the thugs from stealing all your money. If you suspect that you have been a victim of SIM swap, contact your operator and bank immediately.