Fraud Risk Scheme:
A fraudster, after collecting personal data about a customer (through phishing or a data breach), contacts the victim’s mobile operator while impersonating them. The fraudster claims the phone was lost or stolen to request the blocking of the old SIM card and activation of a new one, which they control. This allows them to intercept one-time passwords (OTPs) sent by SMS and banking app notifications, enabling unauthorized access to the victim’s account and the execution of fraudulent transfers.
Detection:
Account behavioral analysis: Alerts triggered when a SIM card change is immediately followed by a login to the online banking portal or the initiation of a sensitive transaction (transfer, contact details update).
Suspicious attempt tracking: Detection of multiple SIM recovery or portability requests within a short time frame from various sources.
Transaction monitoring: Identification of transfers or payments initiated shortly after a SIM swap event.
Data cross-checking: Verification of consistency between the mobile network operator used for the connection and the customer’s usual behavior or known profile.
Prevention:
Biometric validation for SIM changes: Require in-store biometric verification or strong customer authentication for any SIM replacement request.
Alternative authentication channels: Replace SMS-based OTPs with more secure authentication methods, such as push notifications via secure banking apps or hardware tokens.
Security delay: Implement a mandatory waiting period between a SIM change and authorization for sensitive financial operations.
Customer awareness: Proactively inform clients about the risks of SIM swapping and provide guidance on securing their mobile and banking accounts.
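An added example (not part of the original page) showing how the detection rules above (sensitive activity right after a SIM change, bursts of SIM requests from various sources) and the security delay could be evaluated over an event stream. The event fields, type names and threshold values are assumptions chosen for illustration.

```python
from datetime import datetime, timedelta

# Assumed policy values (not from the page); tune to your own risk appetite.
ALERT_WINDOW = timedelta(hours=24)   # "shortly after" a SIM change
HOLD_PERIOD = timedelta(hours=72)    # mandatory security delay
BURST_WINDOW, BURST_LIMIT = timedelta(hours=48), 3
SENSITIVE = {"transfer", "contact_update"}

def evaluate(events):
    """Correlate SIM events with banking activity; return (alerts, held)."""
    requests, last_swap, alerts, held = {}, {}, [], []
    for ev in sorted(events, key=lambda e: e["ts"]):
        cust, ts, kind = ev["customer"], ev["ts"], ev["type"]
        if kind == "sim_request":
            # Keep only requests inside the sliding window, then test the burst rule.
            recent = [r for r in requests.get(cust, []) if ts - r[0] <= BURST_WINDOW]
            recent.append((ts, ev["source"]))
            requests[cust] = recent
            if len(recent) >= BURST_LIMIT and len({src for _, src in recent}) > 1:
                alerts.append((cust, "sim_request_burst", ts))
        elif kind == "sim_changed":
            last_swap[cust] = ts
        elif kind == "login" or kind in SENSITIVE:
            if cust not in last_swap:
                continue  # no SIM change on record, nothing to correlate
            age = ts - last_swap[cust]
            if age <= ALERT_WINDOW:
                alerts.append((cust, kind + "_after_sim_change", ts))
            if kind in SENSITIVE and age <= HOLD_PERIOD:
                held.append((cust, kind, ts))  # security delay: do not authorize yet
    return alerts, held

# Constructed sample events (not real data); hours are offsets from T0.
T0 = datetime(2024, 1, 10, 9, 0)
def mk(cust, kind, hours, source=None):
    return {"customer": cust, "type": kind, "ts": T0 + timedelta(hours=hours), "source": source}

SAMPLE_EVENTS = [
    mk("alice", "sim_request", 0, "call_center"), mk("alice", "sim_request", 2, "web"),
    mk("alice", "sim_request", 5, "store"), mk("alice", "sim_changed", 6),
    mk("alice", "login", 6.5), mk("alice", "transfer", 7),
    mk("alice", "contact_update", 40),          # outside alert window, inside hold
    mk("bob", "sim_changed", 0), mk("bob", "transfer", 120),  # hold already expired
    mk("carol", "login", 1),                    # no SIM change on record
]

if __name__ == "__main__":
    for label, rows in zip(("ALERT", "HELD"), evaluate(SAMPLE_EVENTS)):
        for cust, what, ts in rows:
            print(label, cust, what, ts.isoformat())
```
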
Share Your Feedback:
What tools, techniques, and processes are used to detect and prevent this type of fraud?