SIM swapping is a thing and it allows scammers to use your mobile number to take over your financial accounts.
Fraudsters have been registering an existing mobile number on a new SIM card purchased from a local shop, claiming to be the original owners who have misplaced their SIM cards.
They intercept all passwords and notifications, including mobile banking apps and transactions, after obtaining the new card.
Long before the victim is aware of the swim swap, they are left with empty accounts that they cannot access, with some even suffering twice as much after the fraudsters borrow to the maximum limit from lending apps.
Safaricom, a mobile service provider, has stepped in to help its customers by introducing a self-whitelisting service that allows the line-owner to lock their own number, preventing sim swapping without their permission.
According to a tweet and information on the website of telecommunication, dialing *100*100# from your Safaricom number will prevent the SIM swap. The procedure cannot be carried out on one’s behalf by using another person’s line.
“This is a service that ensures that a customer’s line/SIM card can only be replaced by visiting a Safaricom Shop or Care desk with your ID, or by calling Safaricom customer care,” According to Safaricom’s website.
“SIM-swap basically is a form of identity theft. In other circles, it’s called impersonation. The fraudster would call you, and play mind games on you. For instance, after you’ve received the call, he or she will refer to you by your full name, saying they’re calling you from your network service provider,” Hannington Oduor, a security system analyst.
Stages used by fraudsters
They read out your entire ID number and then ask you to confirm that the digits are correct. They do this to gain your trust. That’s what they want at Stage One before they continue the fraud.
The majority of victims were instructed to dial the USSD code 33*0000*, while others were told to dial #253257# or ##72786#. These codes essentially send a command indicating that you have lost your SIM card and are thus initiating a swap process.
When you start the swap process, the network on your device goes away. While you were offline, possibly attempting to visit your network provider’s shop, the fraudster, armed with your information, would have called your service provider, claiming that he or she had lost his or her SIM and needed to renew it. He or she will then provide your information to the mobile service agent, who, unbeknownst to him or her – or in ignorance – will assist in activating the line.