Nowadays mobile phone is a most convenient way of operating your bank account. You can generate a one-time password, unique registration number or make some other financial transactions. However, what if someone gets the same number duplicate SIM card and start to access your bank?
As the name suggests, someone may buy a new SIM from the same network provider and start operate all your banking transactions. The bank will not differentiate between you and the fraudster. Because the account is operating from the same number. Even mobile operator also unable to track such frauds.
In the below image, HDFC Bank illustrated about this in a better graphical manner.
Let us see each step one by one.
1) Fraudsters gather your information-The first step they do is to gather your personal information. Usually, they try to access your personal information by way of phishing, Vishing, Smishing or any through the Trojans / Malware. They try to gather your banking details.
2) Fraudsters visit mobile operator to block your SIM-They approach mobile operator with genuine customer fake ID proof and request operator to block the SIM. They provide the reason as loss of handset or SIM damage.
3) Issue of new SIM to fraudster-After due verification, a mobile operator issues a new SIM with a same number to a fraudster. Because even for a mobile operator it is hard to find genuine customer. They issue the duplicate SIM to a fraudster. Once this new duplicate SIM is issued, then the genuine customer mobile phone will be without a network. Therefore, a genuine customer stopped to receive the SMS alerts on the phone.
4) Fraudster accesses your bank account with new SIM-Fraudster then initiates financial transactions (from the banking details which he has already stolen) by generating a one-time password (OTP). This new password will be sent to the fraudster’s new SIM but not to a genuine customer. Hence, a genuine customer kept in blank.
How the fraudsters get bank details?
ICICI Bank explains, “SIM swapping/exchange is usually phase two of a fraud attack. Initially, they send a phishing email (or other similar phishing attempt) to get all your banking details. These details can also be stolen using Trojans/Malware. They also work towards getting the victim’s personal information and may even go as far as stealing identity and creating fraudulent ID documents. In order to use all of this gathered information, they need access to the victims mobile messages – hence the SIM swap“.
How to protect from such frauds?
- If your phone is out of network continuously for a few hours, then you have to take it seriously and be alert and complain the same to a mobile operator.
- Never switch off your mobile for long periods to avoid unwanted calls. Instead, try not to pick them. Otherwise, activate DND (Do Not Disturb) facility for your SIM.
- Regularly check your bank account statement.
- Register for both email as well as SMS alerts.
Hope this inform will be helpful for you to protect your banking details.