What: A type of identity theft where fraudster manages to obtain personal banking details and victim’s mobile number using various social engineering tools, post which fraudster gets a replacement SIM card issued against victim’s registered mobile number using fake identity documents and gains access to personal banking associated with the victim and other sensitive information

How: Fraudster approaches a telecom service provider posing as their customer to obtain duplicate SIM cards of their intended victims’ existing mobile numbers, allegedly by using forged identities and/or fake POA. Fraudsters either already have obtained customer’s credential through social engineering or uses the SIM card to reset the Customer User ID and Password, which are done after SMS / OTP authentication. They use the account for siphoning the funds by OTC / ATM withdrawal or through FT.

Safeguards:

• If your mobile phone doesn’t have a network, do not assume it to be a network outage and immediately check with your service provider.
• If your service provider confirms no network outage and/or issuance of replacement SIM card, register a complaint with the service provider and check your bank account immediately.
• Regularly check your bank statements and transaction history for any irregularities.
• Never reveal answers to your “security questions” to anyone.
• Do not keep personal details such as your phone number, date of birth etc. visible to all on social media platforms.
• Do not respond to unsolicited calls or text messages asking for your sensitive information.