by EE Community Manager
EE Community Manager

SIM swap fraud. What is it and how do I avoid it?

Ever since mobile phones have become a tool for some banking transactions, they have also become a tool for fraudsters wanting access to your bank account.

This criminal activity is known as SIM swap fraud. But there are steps you can take to help reduce the risk of fraudsters accessing your bank account and potentially withdrawing your cash.

 

 

How does SIM swap fraud work?

 

There are various methods fraudsters use to secure bank details and other personal information that can allow them to access your bank account. Once they have illegally accessed your bank account, they can then try to transfer funds out of it – but banks have several methods to then confirm that it’s really you trying to move your money.

 

When banks use SMS messages for two-factor authentication to try to confirm that it’s really you (essentially, the delivery of a unique passcode to a device that you own), it means there is an opportunity for a fraudster to authorise a bank transfer by switching a your phone number over to a new SIM and intercepting the authorisation message.

 

They do this by contacting the victim’s phone company, cancelling the old SIM, and activating the number on a new SIM that they have in their possession – often using correct personal details, bank details and other information that they have acquired elsewhere to pass the mobile operator’s security checks. Hence ‘SIM swap fraud’.

 

The good news is that most banks don’t rely only on this method, and there are some things you can do to help make sure you’re more protected.

 

 

What can I do to reduce the risks?

 

Ensure you have a unique, secure password set on your EE account

 

Check your bank’s authentication policy. We generally only see these cases with banks that rely on SMS for two factor authentication – we do not see this type of fraudulent activity with banks that use other means such as mobile apps and devices for two factor authentications.


Make sure you keep your bank and contact details as protected as possible by regularly changing passwords for online services. Try not to have a single password for all accounts.

 

Avoid clicking on links in emails that you don't trust. ActionFraud has some great advice on how to protect yourself and spot the signs of fraud


Don't enter your personal details into any website you've accessed via a link in email.


Don't save your personal information on any computer which has shared or public access.


Be alert: if you are getting a lot of nuisance calls on your phone this could be a tactic used by fraudsters to make you turn off your phone (which makes SIM swap easier).

 

Contact us if you have concerns.

 

Don't give away too much personal information on social media or over the phone. Your bank will never ask for your personal information by phone  - this is a common phishing tactic used by fraudsters, so always be alert and contact your bank directly if you suspect any suspicious activity.


Keep anti-virus software up-to-date on your personal computer

 

 

What is EE doing?

 

We regularly review and update our process and policies to improve security to prevent SIM swap fraud. 

 

We’re continuing to work with the mobile and banking industries to help protect our customers and in particular advising them that SMS should not be used as two-factor authentication for financial transfers. 

 

 

 

If you have any questions please tap "Reply" below and we'll do our best to answer

Community guidelines Community stars programme




Meet the EE Community teamHow to use the community
10 REPLIES 10
by mcloggies Investigator
Investigator

Re: SIM swap fraud. What is it and how do I avoid it?

Hi There

 

Thank you this is a very helpful article.

 

Can you please advise whether the secure EE account password you are reffering to is the same as the one you use to logon to the EE Website or is that seperate?

 

Thanks

EE Customer.

by
EE Employee

Re: SIM swap fraud. What is it and how do I avoid it?

Hi @mcloggies and welcome to the community.

 

The secure EE password is the one when you give when you speak to customer services via telephone or live chat.

 

Ideally this would be different from your online account access.

 

Many thanks,

 

Lee

 

 

by mcloggies Investigator
Investigator

Re: SIM swap fraud. What is it and how do I avoid it?

Hi Lee

 

Appreciate the prompt response and clarification.

 

Can you please confirm if there are any published guidelines outside of this post in which EE detail and advise their customer to do this ? The reason i ask is that i dont see this mentioned on any of the existing articles on the link below?

 

https://ee.co.uk/help/help-new/safety-and-security

 

EE Customer.

by
EE Employee

Re: SIM swap fraud. What is it and how do I avoid it?

Hi @mcloggies

 

Having different passwords for the many different online accounts you have (such as your EE account, your email account, your online banking) is common tip to follow.

 

It limits the amount of accounts which could be breached should somebody get hold of one of your passwords. 

 

McAfee pride themselves on being the world’s largest dedicated security technology company, and they recommend this.

 

You can read their advice on online password security here.

 

Many thanks,

 

Lee

by superflyguy
Explorer

Re: SIM swap fraud. What is it and how do I avoid it?

all very interesting but what is in place at EE to prevent a criminal requesting a SIM swap in the first place?  i could be reading the article wrong but there doesn't seem to be anything in there that addresses this.  What security steps are in place a EE to verify that it is the SIM owner requesting the swap?

 

cheers

adam

by
EE Community Support Team

Re: SIM swap fraud. What is it and how do I avoid it?

Good Afternoon @superflyguy

 

Thanks for the question. 

 

Security questions will be asked to verify the account holder. 

 

Katie 🙂

by superflyguy
Explorer

Re: SIM swap fraud. What is it and how do I avoid it?

thanks for the reply.

 

however if a criminal has identified someone as a target for sim swap it's fair to assume they would probably have the answers to basic security questions, no? mothers maiden name, first school etc..  not hard to find out.

 

is there anything more robust that can be put in place?  a separate pin for example.

 

cheers

adam

 

by
EE Community Support Team

Re: SIM swap fraud. What is it and how do I avoid it?

Hi @superflyguy

 

Our security questions are put in place to protect customers and we had that in mind when we put our security questions in place. If you go into store you will be asked for photo ID. If we believe the caller is not the customer, they will be referred to an EE Store. 

 

Thanks, 

 

Katie 🙂

by mcloggies Investigator
Investigator

Re: SIM swap fraud. What is it and how do I avoid it?

Hi Katie

 

Yes, but what are the security questions that you ask?

 

I believe the concern is whether these questions are sufficient, possibly too generic and had been exposed in other third party breaches. This is a very important question as these services are used for MFA.

 

I dont believe this this well communicated by EE but there are addition steps EE customers can take to further secure their accounts. This is done by contacting EE and having a PIN placed on the account. 

 

 

Thanks

EE Customer.

 

 

 

 

 

 

by
EE Community Support Team

Re: SIM swap fraud. What is it and how do I avoid it?

Hi @mcloggies

 

Welcome back to the community.

 

For security reasons we do not disclose what questions may be asked. 

 

Katie 🙂

Can't find what you're looking for?

One of these options may help you find the answers you need.

Let's get started

Join the EE Community to ask, answer, learn and share.