Can SIM swap attack empty bank account without warning?!

Can a SIM swap attack empty your bank account without warning?! Take a look at the viral warnings, and find out what the facts really are!

Updated @ 2023-10-07 : Added new viral message, and other updates.
Originally posted @ 2022-01-16

 

Claim : SIM Swap Attack Can Empty Bank Account Without Warning!

This message has gone viral on social media and WhatsApp, warning about a new high tech fraud called SIM Swap Fraud that can empty bank accounts without warning.

The message includes a link to a Straits Times report about a young couple who lost $120,000 in a fake text message scam targeting OCBC Bank customers.

Your BANK Account could be Emptied without an Alert!

Dear All, Please let’s be very careful.. There is a new HIGH TECH FRAUD in town called the SIM SWAP FRAUD, and hundreds of persons are already VICTIMS.

Here is a new variant circulating in 2023:

My cousin received a call , asking if he had been vaccinated, if vaccinated to press 1.

If not vaccinated, press 2. As a result, he pressed 1, the phone was blocked and his online bank information/account were all transferred. Please be Alert and Careful and forward to more people to know about this new trick/scam. Forwarded as received.

Recommended : Beware Of Telegram Screenshot Hack + Scam!

 

Truth : SIM Swap Attack Is Real, But Don’t Work Like That

The truth is – SIM swap attacks are real and very dangerous, but they do not work like the viral messages claim.

Here is what you need to know about the viral message, and SIM swap attacks.

Fact #1 : SIM Swap Attacks Are Not New

SIM swap attacks are really not new. Scammers have been using SIM swap attacks since 2015, if not earlier.

Fact #2 : SIM Swap Warnings Are Mostly False

The viral message is correct about the risk of SIM swap attacks, but pretty much wrong about everything else.

In fact, the method by which the SIM swap attack works is completely made up. So the viral message is really FAKE NEWS.

There’s no way your bank account will be emptied without any action on your part. Neither will your bank accounts be emptied because you participate in a COVID-19 vaccination SMS survey.

Fact #3 : No Evidence Of Such Fraud

There is no evidence of SIM swap attacks requiring users to complete the process by responding to an SMS survey about vaccination.

Neither is there any evidence that SIM swap attacks alone can lead to your bank accounts being emptied.

Fact #4 : Straits Times Article Was Not About SIM Swap Attack

One of the viral messages include a link to a Straits Time article to mislead you. That’s because the article was about a phishing attack, not a SIM swap attack.

In that phishing attack, the victim received an SMS  with a link that took him to a fake website that “looked exactly like the OCBC login page“. He then keyed in his bank login details, thus handing over control of his bank account to the scammers.

The victim also ignored automated messages warning him that his “account was being setup on another phone“. That had nothing to do with a SIM swap attack. It was an SMS-based phishing attack.

Recommended : How To Turn On Two-Step Verification In Telegram!

Fact #5 : SIM Swap Attacks Generally Do Not Require Any Action

In most SIM swap attacks, scammers use your personal information, either purchased from other criminals or obtained through earlier phishing attacks or social engineering, to request for a SIM card replacement.

All that does not require any action on your part. In most cases, you only realise you’ve been hit when you lose access to your mobile number.

Fact #6 : SIM Swap Attack May Require Action In Some Cases

The Press 1 claim in the viral message is partially correct, but it only happens in a particular circumstance.

In India, scammers have tricked people by offering a free network upgrade, or to help improve signal quality on their phones :

  1. The scammer will call the victim, claiming to be from their mobile service provider.
  2. The scammer will try to get the victim to reveal his/her 20-digit SIM card number.
  3. The scammer will use the 20-digit SIM number to initiate a SIM swap with the mobile service provider.
  4. The mobile service provider will automatically send an SMS to confirm the swap.
  5. Once the victim confirms the swap, his/her SIM card will stop working.
  6. The scammer now has access to the victim’s mobile number.

Fact #7 : SIM Swap Attack Does Not Hack Your Phone

The SIM swap attack does not involve any hacking of your phone.

You only lose access to your mobile number. Your phone is not hacked.

Recommended : Can Greeting Photos + Videos Hack Your Phone?!

Fact #8 : SIM Swap Attack Does Not Empty Bank Accounts

Once the scammers successfully gain control of your mobile number, they can use it to intercept one-time passwords (OTP) like TAC numbers.

This allows them to change passwords to your bank accounts, social media accounts, etc. which is why SIM swap attacks are so dangerous and damaging.

However, it does not mean your bank accounts are immediately emptied. For one thing – the scammers need to know your bank login.

That’s why SIM swap victims often have had their bank logins and passwords stolen earlier though phishing attacks. The scammers only need their mobile numbers to receive OTP / TAC numbers to authenticate the transfers.

Fact #9 : SIM Swap Attack Can Be Used To Cheat Friends Too!

Stealing money from your bank account requires extra work, so scammers who do not have your bank login details will resort to cheating your friends.

With access to your phone number, they can easily gain access to your social media accounts (Facebook, Twitter, Instagram) as well as instant messaging apps (WhatsApp, Telegram).

Once they have control, they can send messages to your friends, pretending to be you. Naturally, they will concoct some story to ask your friends for money.

The idea is to use your (now) stolen accounts to convince your friends that you genuinely need their help. The money that they transfer goes directly to the scammers, or their mules (people who rent their bank accounts to scammers).

Now that you know the facts behind the SIM swap attack or scam, please SHARE this article with your family and friends!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Cybersecurity | MobileTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Leave a ReplyCancel reply