Telephone, Internet, TV Consumer protection Illegal SIM swapping

Illegal SIM swapping

Through illegal SIM swapping, a scammer will transfer your mobile phone number to another SIM card. Once your number is transferred to the scammer's SIM card and it is activated, the scammer will have control over your phone number. He may then be able to change online passwords, access your emails, social media, payment systems, etc. He may receive verification codes sent via text message to your phone number.

The scammers are very cunning when it comes to SIM swapping. They pretend to be you to the mobile operator in order to transfer your phone number to a SIM card that the fraudsters possess. To that effect, they use the personal information they have gathered about their victim and may be able to supplement this information after phishing emails, malware, social media research… and thus try to answer the security questions of the mobile operator.

How to recognise SIM swapping fraud?

It is not always easy to detect SIM swapping fraud as the hacker often acts discreetly and quickly. However, there are a few telltale signs that may alert you:
 

  • sudden and total interruption of the mobile service: if you notice that your smartphone suddenly no longer has mobile service without obvious reasons, this may be a sign that your number has been transferred to another sim card. Be aware that there may also be other reasons for a disruption of service, such as a malfunction at your operator’s;
  • suspicious activity on your accounts: receiving login notifications from unknown devices, messages appearing on your social media that you have not posted yourself, receiving notifications of changed passwords from your online accounts or no longer having access to your personal accounts because the login details no longer work… all this may indicate that your phone number has been compromised;
  • unreceived text messages or calls: if you no longer receive certain text messages, such as two-stage authentication messages, this may mean that these messages are being redirected to another SIM card.

What can I do to protect myself against SIM swapping fraud?

Unfortunately, there is no infallible method to protect yourself against SIM swapping fraud, but there are a number of good practices to mitigate its consequences:
 

  • enhance your access security:
    • use double identification, giving preference to apps that are specifically designed for identification (such as Authenticator or itsme) rather than asking to receive codes by text message;
    • use strong passwords (12 characters or more, with letters, numbers, and symbols) and hard-to-guess codes;
    • change your passwords and codes regularly;
    • avoid using the same passwords and codes for different applications, services, and cards.
       
  • do not post accurate information about your identity on social networks.
     
  • be on the look-out for suspicious calls, texts and emails:
    • check the identity of the sender;
    • never communicate your PIN or PUK codes, or your personal data by phone, email or text message if you cannot identify the person you are talking to;
    • do not click on links, download attachments or provide information in the event of an unusual call, text or email;
    • if in doubt, contact your operator via the official contact options (shops, official telephone numbers).

Mobile operators are doing everything they can to prevent fraudulent SIM swapping. They follow special procedures and protocols to this effect. These vary from operator to operator and are part of the company's internal operations. They do so to avoid playing into the hands of potential fraudsters and giving them the opportunity to circumvent the measures taken.

What should I do if, despite everything, I am a victim of SIM swapping?

  • Contact your telephone operator immediately:
    • report the fraud to your operator;
    • ask to block your number.
       
  • Protect your online accounts and your cards:
    • change the passwords of all your online accounts;
    • stop using authentication via sending codes by text message;
    • check your online accounts and transactions in your bank accounts.
       
  • inform and protect your environment:
    • alert your professional and personal contacts;
    • ask them not to respond to suspicious messages or calls from your number.
       
  • be extra vigilant:
    • be much more vigilant when it comes to suspicious calls, texts and emails, even those that seem to come from your operator;
    • do not communicate your personal information by phone, email or text message; 
    • do not click on links, do not download attachments;
    • if in doubt, contact your operator via the official contact options (shops, official telephone numbers).
       
  • Take legal action:
    • report it to the Police;
    • keep the evidence of fraud (messages, notifications, account extract, etc.).

 

Back to top