Sim Card Frauds - LC must escalate this

Read about how sim card frauds are happening. LC must escalate the need for a SIM password and email validation for sim card reassignment by operators.

This is how sim card frauds are taking place:

Hackers hijack SIM connections in three ways. The most prevalent one is called “SIM swapping over a call". In this case, they first gather information on targets—their full name, address, mobile number, date of birth, passcode or Aadhaar number — through phishing scams or leaked databases found on the dark web (that portion of the web that is not traceable by search engines).
Then they will call the target, pretending to be a customer care executive from the operator, in the name of upgrading to new services. They will ask the target to share their SIM card’s ICCID (integrated circuit card identifier) number—a 19-20 digit serial number specific to the SIM.

Once they have the details, they will call the operator, impersonating the actual user and use this information to pose as the user.
Once the SIM swap request is initiated, the operator sends an SMS for authentication and users have to acknowledge it by tapping a single key or a bunch. The hacker will tell users in advance about this SMS so the latter easily falls for it.
Once the SIM swap is complete, the original SIM will be deactivated and the number will be active on the duplicate SIM owned by the hacker.

The second method is “SIM swapping in person" and is likely to be used by small-time cybercriminals. In this case an impostor will visit an operator’s retail outlet with fake documents pretending to be the actual customer and try to get a duplicate SIM card issued.
Another way to take control over a person’s mobile number is through SIM cloning, but that requires the hacker to have physical access to the SIM card to break the encryption keys and extract the IMSI (international mobile subscriber identity) number—a unique 15 digit code that identifies the SIM to the GSM (global system for mobile communications) network. Unlike SIM swapping, in this case both the original SIM and cloned SIM remain active simultaneously.

SIM hijacking has recently become particularly popular because mobile numbers are being used by various applications, including popular social media platforms, as an identifier, and to enable account recovery and second factor of authentication via SMS confirmation. Therefore an attacker who successfully swaps the SIM card is able to take over an account that uses that phone number as an identifier and as an SMS recipient for the second factor of authentication. more  

View all 10 comments Below 10 comments
Thanks for the Infos. more  
Wonder as to how did you know of these techniques used by criminals? Have you got any personal experience or are these mere assumptions shared to scare readers? more  
Very useful more  
ICICI Lombard not honouring Claim even after premium for five years. Be careful. more  
Mobile design need to add buttons for inserting/ releasing sim and clear Memory. more  
Post a Comment

Related Posts

    • Wrong Product delivered

      When I was using instagram, I got an advertisement from which was showing that there is sale on combo offer. Combo contains "Noise wireless earphone and a Smartwatch". I went through...

      By Chirag Dashora
    • Samsung deliberate scam

      I've been trying to get my phone fixed for a month now from samsung for a issue they created for free of charge, but they are refusing saying the device is 2nd hand (which is true) and they won't d...

      By Visakh R
    • Thomas Cook not refunding my money, unnecessary charging charges and hold money for the last 7 month

      This time Thomas Cook is unnecessary charging the cancellation fees Rs 5000. And some GST CHARGES 3. They have already blocked my money for the last 3 months. Even after number of follo...

      By Suman Kumari
    • Delay in service

      I am facing long delay in service by sansung. what to do? its been 2 months now, they still not repair my refrigerator but only make false statements when i called them. I called them 50 to 60 time...

      By Devendra Bhandalkar
    • Cable TV charges - Covid 19

      During this Covid-19, Govts, Corporates and every citizen are sacrificing to the extent possible despite loss of income and pains. In case of cable TV and Dish operators have not contributed anyth...

      By Perry AL
    • Make government and related services completely online

      This is the nth time I am posting in this circle regarding making services completely online to reduce unnecessary travel by citizens and reducing the crowd at these service centers/offices. Let th...

      By Padmanabhan G
    • Excellent work Circles and LocalCircles

      All members must go through this report shared by LocalCircles which seems like same day action by Government

      By Sarika Bansal
    • Govts regressive move

      Of taking out sanitizers and masks from essential commodity list. Adding 3 months back had reduced price of sanitizer 50 rs for 100 ml. Has the pandemic ended in Govt eyes. If not why t...

      By Sarita Ravichandran
    • Incompetence of Urban company

      I have a similar experience with urban company. The AC which was running well, after servicing was cooling less. The technicians who came to do the job were more interested in recharging gas. They ...

      By Suresh Gopinathan
    • Urban Company AC Service Provider uses Spurious Parts, Urban Company not resolving the issue

      We got AC repaired thru Urban Company @urbancompany, The Service provider used Spurious parts and charged us for the originals. Complaint to Urban Company not resulting into a resolution. Urban Com...

      By Hardeep Singh Arora
    • Flipkart fooling and looting customers

      Booked the order with Flipkart on 24th March 2020 for Product - Realme C3 mobile phone. The last product location updated was for Bhivandi location on 5th May 2020 and there was no status change ti...

      By Ubaid Khan
Enter your email & mobile number and we will send you the instructions

Note - The email can sometime gets delivered to the spam folder, so the instruction will be send to your mobile as well

Please select a Circle that you want people to invite to.
Invite to
(Maximum 500 email ids allowed.)