Mobile Account Takeover Fraud is growing – Here our VP of Products, Neil Downing, explains what organisations can do to protect themselves.

30th April 2020

Account Take Over Alerts from TMT Analysis.

Ensuring customers are who they say they are is critical to every business, but the amount of fraud committed by criminals who take over your mobile telephone identity is increasing rapidly.

A recent study in the United Kingdom saw that reported instances of Mobile Account Takeover (also known as SIM-Jacking) have risen sharply with almost 4,500 cases reported in the previous 12 months and the average victim losing over £4,000 to an attack.

In addition, a recent report from the South African Banking Risk Information Centre (SABRIC) saw over the last 3 years a 200% year-on-year increase in this type of fraud. Yet, within the mobile community the data exists to defeat all the above-described fraud.

As companies engage and verify users via their mobile phone it is essential to take all reasonable steps to ensure that the phone you are transacting with belongs to the person that you think it does, not just during the on-boarding phase, but also in your day-to-day engagement with them.

“Mobile phones are a hotbed for account takeover” says Neil Downing, VP of Products at TMT Analysis. “Fraudsters are known to source customer information through social media, or even buying the data from areas such as the dark web. All it takes is a swapped out mobile SIM card or call forwarding to be enabled without the real customers knowledge, and you could be exposing your customers to fraud.”

Because many organisations use a customer telephone number to place calls or send SMS, there is significant vulnerability. By setting up either a SIM Swap or call divert, the fraudster can potentially gain access to a one-time password, or answer voice calls, allowing them to access a user’s account.

While many Sim Swaps are entirely legitimate, for example when you buy a new phone, criminals have exploited this vulnerability for their own ends. Once a fraudster has enough information on you, they contact the mobile network operator, posing as the victim. The fraudster tricks the mobile operator into setting up a SIM Swap by cancelling the victim’s SIM card and reactivating the victims telephone number to a new SIM card that is in the fraudster’s possession. As a result, all calls and messages to the victim’s telephone number are routed to the fraudster’s phone.

Call divert happens when a fraudster convinces a mobile operator to set up a call divert on a customer phone – a feature that forwards or diverts incoming calls to an alternate number (which can be a landline or mobile number). As a result, all calls to the victim’s telephone number are routed to the fraudsters phone, giving them access to customer bank accounts or digital wallets. The fraudster is even able to re-forward calls and messages that they are not interested in, giving the victim even less idea that they have been subject to this kind of attack.

“At TMT Analysis we blend together multiple data sources to build an authoritative picture of the mobile user. Our customers can check our live database which is connected to mobile networks globally and be alerted when call divert or simswap is active on a mobile device. In addition, we can even cross reference with our other live telecoms data to further verify that someone is who they say they are, alerting you to fraudulent activity and alerting you to potential account takeover.”


← Back