Today, let’s try to know all about ‘sim swap’ out of the many other types of
cyber crimes that shook India in the last couple of years and also learn what can be
done in order to safe guard ourselves against such attacks. There are several types of
known cyber crimes. I use the term ‘known’ because the very field of Cyber Law is a
fairly new branch of law compared to the other highly coded branches of law. Many
new types of cyber crimes are raising their ugly head with the advancement in
What is SIM swap scam?
Also known as the ‘port out scam or the SIM splitting scam, this crime exploits a
mobile phone service provider’s ability to port a telephone number to a device
containing a different SIM. Fraudsters obtain banking account details and your
registered mobile number through phishing or through Trojans/Malware. This feature
is normally used when a customer has lost or had their phone stolen, is switching
service to a new phone or to a new technology like 3 G to 4 G. The scam begins with a
fraudster gathering personal details about the victim, either by use of phishing emails,
by buying them from organised criminals or by directly socially engineering the victim.
SIM SWAP SCAM
In August 2018, two men from Mumbai were arrested for cyber crime. They were
involved in fraudulent activities concerning money transfers from the bank accounts
of numerous individuals by getting their SIM card information through illegal means.
They were accused of transferring 4 crores Indian Rupees from multiple accounts in
addition to hacking the bank accounts of a few companies. Last year also saw several
Bangloreans lose their hard earned money to sim card swap fraud.
So, how exactly does this crime happen?
The culprits obtain a new 4 G sim for the victim’s cellphone number either by
impersonating him at an outlet of the service provider or online, using the 4 G sim
swap option on the service provider’s website. The new sim will then be delivered to
the given address in just about one day.
The thugs then call the victim pretending to be an executive of the service provider
and sends the 20 digit number printed on the new 4 G sim card via SMS and urges
him/her to activate the same. Once the victims does as told, the 3 G sim of the victim
goes inactive and the 4 G sim of the fraudster becomes active, thereby giving them
great control over the victim’s monetary holdings. These thugs then use it to validate
bank accounts by receiving OTPs on the said number. It’s all downhill for the victim
from there who could then end up losing a lot of cash to these criminals.
It has been estimated that more than 30 victims of sim swap alone have sought the
help of cyber crime police stations of the state CID and also the state police stations. In
many worst case scenarios, like the one where Mr. Manish Raj, a BPO employee who
are tech literates have also fallen prey to such frauds. He said- “In my case, I didn’t
even receive any dubious calls asking me to key in numbers. I only received an
internet generated SMS with a 20 digit number from the fraudster, which I carelessly
activated and ended up losing close to 30,000 from my bank account,” he recalls.
How to stay safe against such crimes?
Never ever share your personal details on any public domains or social media sites as
they can be sourced from there to be misused later. Sharing unknown personal
information with dubious applications, downloading applications that are not verified
from Google play store or i-tunes can make you extremely vulnerable to such attacks.
Never entertain suspicious callers claiming to be executives of telecom service
providers and most importantly, never open links from SMS senders you don’t
recognize, they are usually ‘click baits’. Furthermore, in case, you don’t have a network
on your phone all of a sudden and have not received any SMSes for a quite some time,
then get in touch with your service provider. Some service providers send text alerts
before a SIM swap, which means you might want to read SMS sent by your service
provider carefully going forward. Never use software’s on your computers and mobiles
that are not genuine and make sure your systems- be it phone or laptops always has
an updated anti-virus running. Also, avoid using your phone number as a recovery
option for your passwords and accounts.
What are the laws that can come to your aid in such instances?
Hacking– 43(a) r/w Section 66 & 66(c) of the Information Technology Act, 2000 and
Indian Penal Code section 379 & 406. If crime is proved, accused shall be punished for
imprisonment up to 3 years or with fine up to rupees 5 lakhs or both.
If under the information technology act, 2000 section 66 (c) charge then this offense
should be bailable offense under Sec 379 of IPC charge it will be a non-bailable
While the cyber laws are getting strengthened by the day, the spreading of awareness
about such crimes is also equally important as it can go a long way in safe guarding
the well-being of gullible people.