How Sim Swap Fraud Happens and What to Do

Updated on February 12, 2018

I received a strange SMS on one afternoon recently. Upon opening it I was informed that my mobile network carrier, MTN, would be performing maintenance on their infrastructure and that if I noticed that anything went wrong with my phone I was to turn it off and on again.

I thought this was very odd. There was no branding from MTN in the message, although that could easily be included in a spoof SMS. This was also accompanied by grammar and spelling mistakes. I asked a few people about it and was told to be extremely careful because it could very well be part of a SIM swap scam.

My heart sank when I heard that and I searched online on what to do in such a situation, although the answer was clear: whatever it was that had to be done, it had to be done immediately. So a fraud report was filled out, and a few phone calls were made. After being passed around for about an hour, with my bank telling me that it wasn’t their problem, I got through to someone at MTN, who confirmed that it was indeed a legitimate SMS from MTN, and that I had nothing to worry about. I didn’t mention anything about the poor grammar or spelling mistakes in said message, which was what made me suspicious in the first place, because I was too thankful and relieved to be snarky at that point.

I was fortunate that this ended up being a false alarm, but SIM swap scams are becoming increasingly common, with MTN and ABSA in particular featuring in the news quite often lately. In this scary episode I read up about these scams and learned a bit, so naturally I felt the urge to write about it.

"I thought this was very odd. I asked a few people about it and was told to be extremely careful because it could very well be part of a SIM swap scam. My heart sank when I heard that."

What is a SIM swap scam?

A SIM swap scam is a type of fraud that involves a criminal registering an existing number of a cellular company’s client on a new SIM card (the small device that slots in your phone, that allows you to make and receive calls, SMSes, etc.). They usually do this in order to intercept notifications and OTPs, or one time passwords, that are sent to the client when he or she wishes to carry out a transaction of sorts on their online banking profile, change account security settings, etc. This allows them to steal money from the client, and he or she may not even notice before it’s too late.

SIM swaps could also potentially be carried out in order to commit other acts such as ringing up a huge voice or data bill which the client would end up paying for – which would be especially disastrous if said customer was on a contract, where out of bundle rates apply. Generally SIM swaps are used to defraud people. One way or another that person ends up losing money.

Fraudsters don't even need to get a hold of your phone to commit SIM fraud.
Fraudsters don't even need to get a hold of your phone to commit SIM fraud. | Source

Did you know?

Vodacom and MTN have been using technology for the past few years which aids banks in thwarting SIM swap fraud. It allows banks to check the date and time of the last SIM swap, date and time of change of handset, and the number of calls made with the combination of handset and SIM card. The only two banks currently using these services are FNB and ABSA.

How SIM swap scams happen

Phase one of a SIM swap scam usually involves the criminal trying to obtain information from an individual which relates to their online banking profile. This will usually occur in the form of a phishing email, but could also happen through a practice known as SMiShing, which is by SMS on your mobile phone or vishing, which is carried out by voice call. Basically they would look to obtain your username and password for your account, either by making you reply to the email, SMS, or call with the information they’re looking for, or by making you visit a phishing website – a website designed to look exactly like the real deal – and make you enter your login details there.

But they won’t stop there, because several banks nowadays rely on a 2-step verification process which involves using your mobile phone to receive OTPs (one time passwords). Without these codes, which are usually comprised of numerical digits, the criminal can’t carry out any transactions on your account, and even if they tried, you would be alerted to the fact that someone is in your online banking account because you would receive real-time confirmations.

So begins the second phase of the SIM swap scam, which involves the criminal gathering information relating to your network operator. They will attempt to find out your number – they could do this by way of social engineering. They will call your number or SMS you, and they will try to find out information such as your name, ID number, street address, network and other information that is unique to your SIM. They can take this, perhaps along with falsified identification documents to your network operator, and pretend to be you. They can then claim that they need a replacement for a damaged or lost SIM card, and they will likely get what they want.

It is possible that the scammers may not even have to go to these lengths, as it has been suspected in several cases due to the frequency and ease of this scam, that there may be an accomplice employed by the cellular network. In other words an inside job. This is evident when specific branches of an operator are often involved in these scams.

Then you may or may not receive phone calls or SMSes from people pretending to be employees of your cellular network telling you to switch off your phone due to ongoing maintenance or some other story. With your phone off, you are much less likely to notice the lack of incoming calls and SMSes to your phone, because at this point the SIM swap scam is in full effect. If you were to switch your phone back on you would likely see that there is no service from your operator. The other SIM card registered with your number on it is the one that will now receive any and all calls, SMS notifications, which together with your banking details which were obtained from you earlier, they can use to clean out your bank account without you even knowing, and by the time you realise, it will be far too late.

"It has been suspected in several cases due to the frequency and ease of this scam, that there may be an accomplice employed by the cellular network. In other words an inside job. This is evident when specific branches of an operator are often involved in these scams."

What to do in the event you become a victim of a SIM swap scam

If you suspect you are the victim of a SIM swap scam, immediately call your mobile network operator for assistance. Be sure to call the right department. They may also have a form on their website for dealing with cases of fraud, which you can fill in, and they will assist you in an investigation of the matter.

Also make sure to call the appropriate department at your bank, and suspend all activity on your bank account, essentially locking it, so that nobody is even able to log in to your online banking profile.

If you are able to, you may consider accessing your online banking account, and changing your password, as well as changing your associated email address and mobile phone number, so the notifications and confirmation SMSes would arrive at a new number and email address. So even if the criminals succeed with the SIM swap operation, the number they have is no longer linked to your bank account. But I would more readily recommend that you just suspend activity on your account, especially in a panic situation or if you are unsure on how to go about doing all of that.

If money ends up getting taken out of your account, then you need to open a case with the police for theft, preferably within 48 hours of the fraudulent transfer or withdrawal of funds having taken place. During this process you may receive documentation from your bank’s claims department, which will aid in the investigation.

You might get your money back, and you might not. The banks claim that recourse depends on the circumstances of each case. In fact, some flat out refuse to reimburse a client, often claiming that it was the client’s fault – that they did something in order to help facilitate the theft. If you are fighting an uphill battle, it may be a good idea to get legal advise on the matter.

Did you know?

Most of the big banks have security centres on their websites which allows you to see all the latest scams going on, as well as view more information on what is involved with each known scam.

How to avoid becoming a victim of a SIM swap scam

  • Make sure to become familiar with existing scams by reading appropriate blogs, forums, or articles in the newspaper, so when you see that email or SMS arrive in your inbox, you know it’s bogus.
  • Don’t ever reply to suspicious emails. Your bank would never ask you to enter any confidential information in to an email.
  • Don’t ever click through on links that may lead you to phishing websites – websites engineered to appear and operate like the official website. They may download a virus on to your PC, just by visiting them, which could serve as another means of obtaining your banking account password(s).
  • Use your common sense. If you receive an email claiming to be from your bank, ask yourself if this is the same email address associated with your online banking account.
  • Don’t use publicly visible email addresses for banking. Use a secure, private email address that nobody but you and your bank knows.
  • Always visit the official website of you bank by typing in the address. Bookmarking the website isn't safe because there are forms of malware that could tamper with bookmarks so that they redirect you to phishing websites.
  • Only ever try to log in to your online banking profile via the official website. There are ways to make sure that it’s the official website – not only by looking at the URL, but by checking the security certificate, which usually appears in the form of a padlock in your browser. You could even look up the website on a database, which would confirm whether the website is safe or not.
  • Change your online banking passwords frequently. I would suggest at least once every 3 months. And make sure it’s a strong password too.
  • Don’t answer calls or reply to SMSes from numbers you are not familiar with.
  • Even though it may be tempting to put your phone on silent or switch it off when multiple calls come through, it may not be the best idea, as this is exactly what the criminal may want you to do so that you don’t notice anything strange going on with your phone.
  • Take note of the number the call or SMS came from. You can then look up this number on, or even contact your mobile network operator and check with them for more information if you receive a suspicious call or SMS.
  • Consider joining a bank that gives you better security when it comes to banking, especially with online and cellphone banking. Some banks are known for not being secure with the features they provide. The same could could be said for some cellular networks.
  • If the bank only offers 2-step verification security that relies on using a mobile phone to access your account, then check whether or not you can set a backup number, or an email address where you can at least receive notifications at.

Have you ever been a victim of SIM swap fraud?

See results

This article is accurate and true to the best of the author’s knowledge. Content is for informational or entertainment purposes only and does not substitute for personal counsel or professional advice in business, financial, legal, or technical matters.

© 2013 Anti-Valentine


    0 of 8192 characters used
    Post Comment
    • profile image


      4 months ago

      I am presently going thru the same thing here in fort mcmurray there apprears to be a illegal call centre here with some african and hindu people yesterday i was at super store calling about a job while having the phone in my hand i saw it reboot signal go away its a blackberry the rcmp have cops that are part of the sim swapping fraud you can not even trust them there are some jamaicans also in the sim swapping fraud some truckers because i know them they put tracking device on my car the fbi needs to find these fraudsters and put them away they are in organized crime when they are caught they should get min 60 years each with out parole i do hope the fbi is reading this post its serious thing not going to say no more i love to see these fuckers in prison doing

    • profile image


      14 months ago


    • profile image


      2 years ago

      Thanks for the info

      Just going through the same sim swap stuff.

      Thank God I noticed it early. If it's an inside job, we need to get rid of these criminals what the use of all the sim registration. And why is mtn always their target.


    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at:

    Show Details
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the or domains, for performance and efficiency reasons. (Privacy Policy)
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)
    ClickscoThis is a data management platform studying reader behavior (Privacy Policy)