Sim Card Frauds - LC must escalate this

Read about how sim card frauds are happening. LC must escalate the need for a SIM password and email validation for sim card reassignment by operators.

This is how sim card frauds are taking place:

Hackers hijack SIM connections in three ways. The most prevalent one is called “SIM swapping over a call". In this case, they first gather information on targets—their full name, address, mobile number, date of birth, passcode or Aadhaar number — through phishing scams or leaked databases found on the dark web (that portion of the web that is not traceable by search engines).
Then they will call the target, pretending to be a customer care executive from the operator, in the name of upgrading to new services. They will ask the target to share their SIM card’s ICCID (integrated circuit card identifier) number—a 19-20 digit serial number specific to the SIM.

Once they have the details, they will call the operator, impersonating the actual user and use this information to pose as the user.
Once the SIM swap request is initiated, the operator sends an SMS for authentication and users have to acknowledge it by tapping a single key or a bunch. The hacker will tell users in advance about this SMS so the latter easily falls for it.
Once the SIM swap is complete, the original SIM will be deactivated and the number will be active on the duplicate SIM owned by the hacker.

The second method is “SIM swapping in person" and is likely to be used by small-time cybercriminals. In this case an impostor will visit an operator’s retail outlet with fake documents pretending to be the actual customer and try to get a duplicate SIM card issued.
Another way to take control over a person’s mobile number is through SIM cloning, but that requires the hacker to have physical access to the SIM card to break the encryption keys and extract the IMSI (international mobile subscriber identity) number—a unique 15 digit code that identifies the SIM to the GSM (global system for mobile communications) network. Unlike SIM swapping, in this case both the original SIM and cloned SIM remain active simultaneously.

SIM hijacking has recently become particularly popular because mobile numbers are being used by various applications, including popular social media platforms, as an identifier, and to enable account recovery and second factor of authentication via SMS confirmation. Therefore an attacker who successfully swaps the SIM card is able to take over an account that uses that phone number as an identifier and as an SMS recipient for the second factor of authentication. more  

View all 10 comments Below 10 comments
Thanks for the Infos. more  
Wonder as to how did you know of these techniques used by criminals? Have you got any personal experience or are these mere assumptions shared to scare readers? more  
Very useful more  
ICICI Lombard not honouring Claim even after premium for five years. Be careful. more  
Mobile design need to add buttons for inserting/ releasing sim and clear Memory. more  
Post a Comment

Related Posts

    • Fixing MRP of essentials during covid-19

      See what has been done here in Noida in attached. They have fixed maximum retail prices of all essentials. Why cant the Govt of india fix a MRP for all essentials across India.

      By Radha Puri
      /
    • Good News on essential goods

      Central Govt Has expanded exemption list and Transportation of all goods without essential & non-essential goods allowed. Products: Soaps, Disinfectants, Hand washes, Shampoo, toothp...

      By Vinita Agrawal
      /
    • Shared this from Transforming India

      Everyone please vote on this poll. No sanitisers are available in the market. If you found one this week please share location to buy from. Genuine company product like dettol lifeboy g...

      By Vijaya Nair
      /
    • 3 months moratorium for EMIs

      Great move by RBI. All Banks, HFCs, NBFCs allowed 3 months moratorium for EMI. So if you are unable to meet EMI obligations, no issues. Pay Your bank by June 30th.

      By Arjun Singh
      /
    • Essential Availability situation and list

      Really appreciate localcircles putting out these updates on essential goods availability. Some improvement seems to be happening but more needs to be done.

      By Sarita Ravichandran
      /
    • Sanitizer Loot Continues

      In unique ways. The general store selling it bills for a different item. 600 for 200 ml sanitizer. Govt has mandated 100 rupees. The store bills rice in the bill. Pls see how it can be ...

      By Ajay Kumar
      /
    • Panic Buying happening in Mumbai

      Panic buying of essentials in my parents colony. Huge lines, crowds swelled up by the minute as the PM announced nationwide 21 days lockdown..it kind a resembles lines at the atm the night demon w...

      By Shivani Khiste
      /
    • Relaxation on banking charges

      No charges will now be levied by banks for next 3 months when Consumers withdraw cash From other banks atms. Also there will be no minimum balance charge.

      By Aditi Jain
      /
    • Wholesale rates of fruits veggies during covid 19

      Attached wholesale rates of fruits and veggies from gurgaon. Such information should be published by all district magistrates to make sure profiteetring is not happening. Peop...

      By Kanchan Kukreja
      /
    • Ecommerce dead

      Doesnt seem to delivering any more. What are we supposed to do. Local Stores stocked out and ecommerce cant deliver. Stand in long pds lines and get covid19 free??

      By Amit Mishra
      /
    • Faster handing of COVID-19 insurance claims

      In order to alleviate hardship of health insurance policyholders, IRDA issues guidelines to expedite handling of claims related to Corona virus disease. Everyone may save it in their pho...

      By Amit Mishra
      /
Share
Enter your email & mobile number and we will send you the instructions

Note - The email can sometime gets delivered to the spam folder, so the instruction will be send to your mobile as well

Please select a Circle that you want people to invite to.
Invite to
(Maximum 500 email ids allowed.)