Insights • Blogs/Articles

Phishing, SIM Swap and the Sekura Solution

Sarah Small

Global Partner Marketing Manager

Sekura Mobile Intelligence Ltd

A 27 year old has been arrested in Dublin in connection with sim-swapping fraud of bank customers worth €200k (The

SIM swap fraud reports have increased by a massive 400% in the past five years overall, according to Which? 

A 15 year old hacker and his accomplices stole $23 million in cryptocurrency from an adviser to blockchain companies – achieving the feat by performing SIM swap fraud and then intercepting authentication messages in order to access  the victims digital wallet.

Which headline do you pick?

There are so may hard-hitting facts you could use when discussing the growth and impact of SIM Swap fraud.

Ever since the rise of mobile phones, criminals have been trying to figure out ways to use mobile technology for their own gain. In a SIM swap scam, fraudsters convince mobile operators to switch a would-be victim’s mobile number to a SIM card that the criminal has access to. 

Various techniques are used to get the operator to make the switch, including phishing, where the fraudster uses clever tricks to manipulate individuals into divulging confidential or personal information that they then use to persuade the operator that they have legitimate access to a victim’s account.

Once the criminal has persuaded the mobile operator that they’re legit they disconnect the victims phone number from their existing SIM card and assign it to the new, fraudulent, SIM card. Using that SIM, the criminal can then go about resetting account passwords and taking control of any two-factor authentication that goes to the victim’s phone via text message.

The criminal now has complete access to calls, texts and anything else sent to the new device, enabling them to log in and empty all of the victim’s accounts, while effectively shutting the legitimate user out.

Mobile Authentication offers a real-time solution

Mobile authentication uses trusted, secure mobile operator technology to deliver a non-hackable real-time check that confirms possession of the mobile device at the time of transaction, without requiring the user to locate or enter an OTP, download an app or find and use a Secure Key hardware token. It’s cheap to run based on a cheap transactional model – no upfront investment required – and is accessible to all connected mobile devices.

Through integration of a simple API into an existing app flow the mobile device possession can be checked seamlessly and the user allowed access to their service without any impact on the user experience. Overlaying other mobile identity attributes, such as name/address checks or SIM Swap flags can help strengthen the authentication value by adding ID verification and account takeover checks to add confidence that the user is who they say they are and that they are in possession of their mobile device.

With coverage across 5 continents, Sekura Mobile Intelligence is the leading global provider of mobile data, providing trusted, secure and easy-to-consume solutions for ID verification, anti-fraud and secure online authentication use cases.

Sekura works with established KYC, identity verification and risk data providers who have already integrated into leading global brands with demand for mobile identity solutions.

Through the integration of real-time mobile data into our partners existing services, we enable them to extend and enhance their customer offerings into new services, use cases and geographies through adoption of SAFr, our single standards-based, mobile intelligence API.

To offer your customers the opportunity to benefit from our global mobile identity solutions, contact the Sekura team today.