Have you been SIM swapped? The top five warning signs of mobile banking fraud
Security around personal banking has rarely left the headlines in 2019.
Matthew Stevenson the Technology Officer at Albion Business has given his top five warning signs for SIM Swap fraud and mobile takeover.
SIM Swap is a little-known and difficult to spot crime that is seeing an upward trend in the UK and other regions, including Africa explained Matt- “SIM Swap fraud occurs when a criminal registers an existing phone number of a victim on a new SIM card by impersonating the victim to the mobile phone provider. Once activated, a criminal will receive all the calls and SMS notifications sent to the victim’s mobile number and can deactivate the original SIM card in the process. Once in control, criminals are able to bypass SMS-based onetime passcodes and steal large amounts of money quickly. This is often before the victim is even aware they have been targeted.”
“We are speaking with a number of leading mobile network operators to tackle SIM Swap fraud, but consumer awareness of the crime has stayed relatively out of the headlines. There are a number of signs that mobile banking customers can look out for to identify if their SIM card may have been compromised, or their phone has been taken over,” Stevenson said.
1) Phishing messages and suspicious communications asking for information
SIM Swap fraud requires the hacker to have access to a victim’s bank details. These are often obtained through an email phishing attack, unsolicited communications asking for details, or by purchasing that information from online crime gangs. You should never respond to these types of communications or send your bank details on any platform that could be read by someone else. Your bank will never ask for this information so don’t be fooled by fraudsters imitating your bank. This leads to the initial opportunity to get account access or access to a duplicate SIM card; it also could provide criminals with the answers to personal security questions.
2) Extended loss of signal
Once SIM Swap fraud has occurred, it is not instantly noticeable to the victim. Extended loss of signal is the initial sign that SIM Swap fraud has taken place, as the control has been switched to a new device. Contact your mobile network provider to check if it is a widely known issue, or isolated to your device.
3) Floods of calls and messages
This is a tactic that runs parallel to the extended loss of signal. Criminals will send a flurry of nuisance calls and/or messages in an attempt to get victims to turn their phone off. If you’re suspicious, it’s vital that you don’t turn your phone off as this is used as a distraction to delay you noticing a loss of service when a SIM is swapped.
4) Opening links on your phone
Whether the link is sent to a victim via a phishing message or is on an unknown website, mobile phone users should be cautious when opening links on their device, and delete anything suspicious immediately. Hackers can use links that contain application packages that, if installed, will give the people behind the malware administrator rights to the victim’s device.
5) Be aware of the source of any applications you download
Only download applications or make in-app purchases from approved sources or stores. To prevent suspicious applications from being installed, Android phone users can go to Settings/Security and turn the ‘Unknown Sources’ option off, which will stop the phone installing them from anywhere other than Google Play.
Stevenson continued: “We have talked a lot about what should be done to start tackling SIM Swap fraud from the organisational side. For example, SMS should not be used in isolation to verify a customer’s identity during a mobile banking transaction, because it is simply not secure enough; it should be used in conjunction with other authentication factors.”
He concluded: “Banks and mobile network operators have the ability to make use of voice recognition to verify a transaction, as well as clever background checks using mobile data, on elements such as how long it takes a call to connect, suggesting a call divert is in place and therefore a potential fraud. This is why multi-factor authentication when using an app to make transactions is so important.”
Talk Albion Business about ways to lock down your devices and protect your business from unauthorised and fraudulent activities.
However, If you believe you have disclosed personal data through these types of activities you can report it to Action Fraud at https://www.actionfraud.police.uk/report_phishing
SUCCESSFUL BUSINESSES NEED INTELLIGENT COMMUNICATION