SIM SWAP Fraud: A Mumbai Businessman Gets Robbed Off Of 1.86 Crore Via Missed Calls

A terrifying banking fraud, the researchers are calling “SIM
SWAP”, recently preyed upon a Mumbai based businessman.
Reportedly, Rs.1.86 crore were harvested from this man’s
bank balance via 6 late night missed calls.

other such cases of “SIM-SWAPPING” have also come to light in the metro cities
of Bengaluru, Delhi, Bombay and Kolkata and the police cyber-cells are working
on them.

This baffling fraud is not just subjective to people with
lack of cyber knowledge or lack of critical thinking, technologically active
people could also easily get drowned in the scam.
This seemingly stupid and unbelievable method of scamming
people is fairly obvious to other parts of the cyber-world.
Despite being quite fresh in India, it has already affected
a lot of people around the country and has targeted a fair number of “not-so-aware”
mobile phone users, leaving their bank accounts pretty light.
When users switch from their old generation SIM cards to the
upgraded versions, meaning when they change their 3G cards to 4G they use a
technology called, “SIM SWAP” to register the new SIM card.
This technology had also come into play when the older SIM
cards got switched by nano cards.
a technique of replacing the existing SIM card by a duplicate one.
It can only be done when the attacker knows the unique 20
digit SIM number embarked on the SIM card.
Either the SIM-con would persuade the user into telling them
the number or would hack into it on their own.
Reportedly, the scammers had gotten the access to
the victim’s 20 digit card number and had set the SIM SWAP process on, in the
night time.
The scam broadly takes place in 2 steps, the SIM SWAP being
the second step of the scamming technique.
Already privy to the banking ID and passwords, all that’s
left for the fraudulent cons to find is the OTP on the registered mobile number
and behold, the transactions begin!
Possibly, the victim was previously victimised by a phishing
attack and unawares, mentioned his real password and account ID into a fake
website fabricated by the cons.
The businessman had received 6 missed calls between the
hours of 11pm and 2 am. These calls were initiated from 2 separate numbers, one
beginning from +44(UK’s code).
The calls weren’t attended to as his phone was on the silent
mode. Almost all the money got withdrawn from around 14 bank accounts the man
had across the country, except for the 20 lakhs he somehow managed to recover.
When a
user SIM SWAPS or basically EXCHANGES SIM CARD, all they do is register their
phone number with their new SIM card.
This way the phone number is harvested and once that’s done
the OTPs could be easily received, opening avenues of online shopping and
ludicrous transactions in the owner’s name.
SIM SWAP could also affect people who communicate about
their passwords or IDs via cell phones.
The technique depends upon who is a part of the
communication. In actual and legitimate SIM exchanges, the users are connected
to the servers of service providing organizations like Vodafone or Airtel.
These operators have ‘specifically designed official USSD
codes’ for the SIM Swap process.
But when the swapping is not done by the user, the 20 digit
SIM card number might fall into wrong hands.
If the wrongly swapped SIM card falls into the hands of the
scammer, the victim would fall into immense danger.
The user would get call from the scammer,
pretending to be from Idea or Jio. The caller would then, engage the user by
saying that the call is for improving the call experience.
Once, set and familiar, the caller would guide the user’s
way to SIM exchange, all the way wanting to extract the 20 digit SIM code.
The caller would try all means possible and would trick the
user with any trickery possible to haul those 20 digits out.
After having persuaded the user about the 20 digits, the
caller would ask them to press 1 or confirm the SIM swap.
The fraudster would then actually initiate the SWAP, having
extracted the 20 digit SIM code, they were after.
Meaning, if supposedly the user has an Airtel SIM, the fraudster
will too use an Airtel SIM to officially go through with the SIM swap.
Airtel would then send a confirmation text to the user’s
cell number. Airtel would be sure that the SIM swap has actually happened and
the attacker would have the cell number.
The actual user’s mobile will be left with no signals at
all, whereas the fraudster will have full signals on the SIM and complete
control over the cell number.
The fraudster would then incessantly call to make the user
switch off the phone, in order to get a window to complete the fraud. Once that’s
done, the user wouldn’t have any idea about it.


number could also be an important credential that you would never want to share
over the phone.
Also, always keep a close check on your bank account, and if
any weird activity is speculated, immediately contact the bank and put a stop to
the questionable transaction.

Share this with Your friends:

Don't forget to share

You may also like...

Leave a Reply

Your email address will not be published.