Subscriber Identity Module SIM Swapping What is it#

SIM swapping, often referred to as SIM splitting, SIM jacking, or SIM hijacking, is the process of transferring control over your mobile device from your current SIM to another SIM under the control of a cybercriminal. Through this deception, a cybercriminal acquires access to your private information relating to your finances.

How does SIM switching affect you, why do fraudsters do it?#

When a scammer or fraudster has control over your cell phone number or mobile SIM, they may access your OTPs, PINs, and authentication text messages (SMS), which gives them access to your priceless and sensitive personal and financial information and allows them to conduct fraud.

How does Subscriber Identity Module swap work?#

SIM switching fraud is a technique used by scammers to steal your current cellphone information in order to register a new SIM card.

Your mobile phone’s Subscriber Identity Module (SIM) is a chip that instructs your phone which cellular network to join and which phone number to dial. Global System for Mobile (GSM) phones require SIM cards to store user data; without a SIM card, a GSM phone is unable to access a mobile network. It is a useful resource for scammers.

What method of SIM swapping does a fraudster often implement?#

1. Information gathering

In order to get your personal information, the fraudster uses a variety of digital social engineering tactics, such as:

  • Phishing or sending fake emails.

  • Phishing or false calls to get private information

  • Smishing, or sending false text messages (SMS), to gather data.

  • Software bugs that allow hackers to access your device.

  • Shoulder surfing or secretly peering over your shoulder while you type your passwords on your device.

  • Social media research, such as gathering information through your Facebook, Twitter, Instagram, etc. accounts.

2. New SIM card activation

The following are some methods the fraudster can complete this step:

  • Request the porting of the number to a new SIM from the cell provider. In this method, the fraudsters phone the service provider or cell operator after gathering your personal information, pretending to be you, and providing your information by responding to pertinent identification questions. They ask for the transfer of the cellphone number to the new SIM card after persuading the operator. The porting request is made on a variety of pretenses, such as the phone being stolen, lost, or damaged, etc.,

  • Enquire the mobile provider to disable the SIM. Here, fraudsters ask the mobile provider to disable the current SIM under the guise that the phone has been lost or hacked while presenting them with phony ID evidence that includes information they have obtained from you. The scammer then seeks to register the same number with a new SIM while still using the same false ID.

  • Activating the SIM swap before the subscriber does. In this method, the fraudster calls you on the phone pretending to be a service provider executive and offers you a better plan, more data, better mobile coverage, etc. in exchange for sharing your 20-digit SIM card number. The fraudster activates the SIM swap after getting your SIM number and requests that you press 1 to confirm the SIM change.

3. Taking control

Once the new SIM card is activated using your number, the fraudster has access to all of your mobile operations, passwords, codes, PINs, OTPs, and other information. They may then use this information to access your bank accounts, shop online, hack your social media accounts, and do other things. The fraudster can access your bank accounts and any applications without passwords by switching the SIM card and stealing your cell number. Therefore, this scam poses a serious hazard to users of mobile devices.

See also

Do you want to get practical skills to work in cybersecurity or advance your career? Enrol in MCSI Bootcamps