The identity of a person is the most precious thing a person can hold in his
life but what if a person's own identity is not in his control? This is the
threat that has been presented by information technology and in the digital
world, there is very limited control of a person over his own identity. The
websites track their online traffic, and applications require permissions to
almost every feature on a device, and integration of services over
cross-platforms has posed the threat of data leaks.
With the growing technology new methods and tools to commit fraud in the digital
world are increasing day by day. One of the frauds that involve both digital
fraud and also physical acts to complete the fraud is the fraud that is
committed as sim swap fraud.
Sim swap fraud: Mechanism
Sim swap fraud generally means the sim card of the person who is the victim of
the fraud is swapped with a fake sim by blocking the original sim. There are a
few steps that are crucial in the commission of sim swap fraud and the same are
Recent Legislative Development
- Stealing of the personal and financial data of the victim:
The very first step that is acted upon to commit the fraud is stealing and
gathering all the personal and financial data of the victim and it broadly
includes the following:
- Identification Documents and related information:
The first thing is that the
offender committing the fraud collects all the necessary identification
documents that are valid for getting a sim card being issued from the telecom
service provider are collected which includes the government identification
documents, electricity bill, rent agreement and due to the requirement of such
documents to be submitted for availing a lot of services is necessary there are
many persons and companies that are involved in selling the sensitive personal
documents collected by them.
The most common source that provides a bundle of
personal information and documents is the personal loan and credit facility apps
on the internet. There are a lot of websites that provide instant credit and
loan facilities but are nothing but a scam committed to collecting all the
necessary documents under the pretext of the requirement to avail finance. Even
many applications are available on the play store that only collects data and
usually, no credit facility is provided and only a general response is provided
that the application does not meet the internal policy of the company.
To safeguard oneself from these types of bogus websites and applications before
submitting any document general search has to be done on the internet about the
company and in most cases, the user will find instantly that the app or website
is a fraud as there are whistle-blowers who keep on sharing warning information
about these apps and websites.
Also, the user has to refrain from downloading an
application that is not available on the Play store or Appstore and also refrain
to visit any website of which the security certificate is informed expired by
the browser. Even if everything is right before sharing any information the user
must check whether the application or website seems to be trusty or not by
visiting the reviews and comments if any.
- Stealing of bank information:
The next step is to steal the bank details of
the victim and for this, the offender either uses the technique of fake apps and
websites discussed above or resorts to phishing, spamming, unsolicited calls and
SMS asking to visit a particular website by the link in the mail or SMS and to
update or reconfirm their personal details to have the uninterrupted banking
The website is a fake website created similar to the bank website with
a tweak that all the confidential information of bank accounts submitted on
these websites is stored to be used for committing the fraud.
- Making the user create a distance from the mobile device containing the sim:
the next step in the sim swap fraud is making the user have a distance from the
device used for operating the sim card that the offender is going to swap and
there are various tactics followed for the same:
- Continuously calling or sending SMS to the user about various irrelevant
things so that in frustration the user switches off their mobile device so that
while committing the fraud the user doesn't receive any information or updates
of transactions done from his account.
- Sending a bogus message of interruption in services: another thing that
the offender does is that SMS containing information about the interruption of
services that will occur shortly is sent so that when the sim card lost service
the user doesn't arise suspicion.
The various protective measure that can be adopted by the users are:
- Never switch off their mobile device unless the situation requires it.
- If there is no service in the sim to check with nearby persons whether their
network services are working or not if the user is in a network area.
- Not to ignore service interruption messages if only the user has
received a such message while other users of the same network have not
received the same and get in touch with customer support and inform them
about the same immediately.
- Swapping of the Sim:
The next step that is followed by the offender is to
swap the sim of the user with a fake sim by submitting documents and information
collected about the user and getting a new sim of the same number issued to
commit the fraud.
- Commission of the fraud:
Now as the offender has all the banking information
with him and the sim of the user is also swapped with a fake sim the offender
uses the information to gain access to the banking services of the user and
commit the fraud by transferring all the finances to numerous account and as the
offender has the sim all the OTP will be received on the fake sim he is using
and before the user arose suspicion or get the information about the financial
transaction it is too late to stop the same.
Recently the department of telecommunication issued a notification on 14th
November 2022 to all the sim service providers that in case of new sim card is
issued in case of swapping or replacement then in addition to the process to be
followed for the same the SMS facility both income and outgoing will be barred
for a period of 24 hours from the time of activation of new sim card and all the
licensee are required to implement the instructions issued within 15 Days.
implementation of these instructions there will be a 24-hour time gap before the
offender can use the sim to gain access to banking services as for any banking
service whether it is net banking or logging into UPI apps requires OTP to be
filled in case of net banking for login purpose and for login to UPI apps the
user is required to send a message to activate UPI id.
And in the meantime when
the user is not receiving any sim network services he has sufficient time to
contact the service centre or customer support for help and if it found that the
sim is swapped in unauthorized and fraudulently manner prompt action can be
taken in regard to the same and the fake sim can be immediately cancelled and
potential fraud that might have occurred due to the same can be avoided.
The notification is available at: