SIM swap fraud: Phone numbers turn into keys to bank accounts
Cyber criminals hijack mobile numbers through illegal SIM porting, draining UPI and bank accounts within hours
Cyber criminals are constantly reinventing their methods and the latest threat targets one of the most basic tools people rely on: their mobile SIM card. Through unauthorised SIM swapping and SIM porting, fraudsters are stealing financial and personal data, causing severe monetary losses to unsuspecting victims.
In this scam, criminals first gather basic information about a person using phone calls, phishing messages or social media. Once they have enough details, they approach the telecom service provider while impersonating the victim and request SIM porting. Using social engineering tactics, they convince customer care executives that they are the genuine owner of the mobile number.
While the victim remains unaware, their SIM card suddenly stops working. Calls fail, messages do not arrive, and the phone shows “no network” despite full signal coverage in the area. This is the critical moment when the scammer gains control of the number.
Once the SIM is successfully ported, the fraudster starts receiving all calls, messages and one-time passwords (OTPs) linked to the victim’s number. With this access, they can reset passwords, log into bank and UPI accounts, and siphon off money. Personal data such as contact lists, photos, videos and email accounts can also be misused for identity theft or further fraud.
Police officials say there are clear warning signs. Victims may receive multiple SMS alerts or emails related to SIM activation or porting requests they never made. Sudden network loss without any technical reason is another major red flag.
To stay safe, the police have urged people to remain vigilant about bank alerts, UPI notifications and telecom messages. Any suspicious activity should be treated as an emergency. Victims must immediately contact their telecom provider to block the SIM and inform the police without delay.
Authorities stress that reporting cyber fraud within the first three hours — referred to as the “golden hour” — is crucial. Prompt reporting increases the chances of freezing stolen money and tracking down the criminals before the funds are withdrawn or transferred further.
The police have also reiterated a basic rule: never share personal details, banking information or OTPs with anyone, under any circumstances. Staying informed about emerging cybercrime trends remains the strongest defence against digital fraud.
