Just imagine that you are in your house watching TV or enjoying some family time then your phone begins to buzz with transaction messages from your bank or mobile money accounts such as M-Pesa and Airtel Money yet you are not the one making those transactions.
It's a dreadful scenario to be in and you could just be a victim of a SIM swap fraud.
SIM swapping, or SIM jacking, occurs when a fraudster convinces your network provider to change your phone number to another SIM card that they control.
Since for many people, bank, email, and social media accounts are now linked to SIM cards, fraudsters can now access your accounts, transfer your money, and defraud family members and friends on your contact list while pretending to be you.
The sooner you can reverse the changes made to your accounts following a SIM swap fraud, the better. If you notice any of the warning signs listed below, you should contact your cell phone provider immediately since you may be the target of an attack.
If your phone calls or text messages are being rejected, it is likely that you are a victim of a sim swap. In this instance, your sim card has most likely been disconnected, and fraudsters are now using your phone number.
If your service provider advises you that your SIM card has been activated elsewhere, proceed with caution.
If your login information, particularly for the bank, or M-Pesa/Airtel Money account is no longer valid, fraudsters have most likely changed your usernames and passwords, potentially after getting your phone number. Ensure that you notify your bank, service provider, and other institutions as soon as possible.
If you receive notifications for bank or M-Pesa/Airtel Money transactions that you did not initiate, you could be a victim of SIM swap fraud. Fraudsters may have obtained your bank and M-Pesa/Airtel Money details and are transferring money from your accounts.
PINs, passwords, patterns, fingerprint scanners, and facial recognition are common security features incorporated with most smartphones, allowing them to add an extra layer of security.
In addition to your phone, you need to protect your physical SIM card. To unlock your device, set a numerical PIN that you'll need to enter each time you restart it.
The use of two-factor authentication (2FA), which requires more than just a login and password to confirm an account, improves online account security.
Use 2FA technologies such as Google Authenticator or Authy and ensure that they are enabled for all your accounts.
Safaricom's self-whitelisting service allows users to lock their phone numbers so that no one else can change their SIM card without their permission.
To whitelist your phone number, simply dial *100*100#.
Customers can be confident that their SIM cards can only be replaced by contacting or visiting a Safaricom Shop or Care desk with proper identification.
Phishing is a type of social engineering that is regularly used to obtain user login information, bank information, and other sensitive information.
Phishing often includes fraudsters impersonating genuine organisations such as banks, governments, or companies in the expectation that you will react to their requests or consider their communication because you trust these entities.
However, you should never disclose your personal information online to your bank, the government, or any reputable establishment. Even if the call or message looks genuine.
One of the most common ways for scammers to obtain your SIM card information is through social engineering.
Ensure that you protect your personal information to avoid being a victim of phishing emails and other types of data access. Also, don't click on any links from unknown senders.