Over 50 Years of Empowering Lives

Search
Close this search box.

Over 50 Years of Empowering Lives

WHAT IS SIM SWAPPING?SIM SWAP FRAUD EXPLAINED AND HOW TO HELP PROTECT YOURSELF

Share Post:

“Fortunately, you can protect yourself against SIM swapping.

Imagine you suddenly couldn’t make phone calls, write texts, or access your online accounts — sound extreme or even unbelievable? Welcome to the reality of SIM swapping. Keep reading to learn what SIM swapping is, how to spot the signs of a SIM swap, and how to protect yourself. Then, get specialized mobile security software to help keep your personal information safe.
“Fortunately, you can protect yourself against SIM swapping.
SIM swap fraud occurs when scammers take advantage of a weakness in two-factor authentication and verification and use your phone number to access your accounts.
SIM swapping happens when scammers contact your mobile phone’s carrier and trick them into activating a SIM card that the fraudsters have. Once this occurs, the scammers have control over your phone number. Anyone calling or texting this number will contact the scammers’ device, not your smartphone.
This is known as SIM swap fraud, and it means scammers could potentially enter your username and password when logging onto your bank’s website. The bank will then send a code by text — two-factor authentication — to your smartphone number, a code that you’ll then have to enter to access your online account. The problem? After a SIM swap, that number now goes to the smartphone or other device possessed by scammers. They can then use that code to enter your bank account.
Fortunately, you can protect yourself against SIM swapping. It’s all about preventing scammers from finding out what logins and passwords you use to access your online bank or credit card accounts. And it helps, too, to look out for the most common warning signs of a SIM swap scam.

What is a SIM card?


To understand SIM swapping, you must first understand what a SIM card is.
Also known as a subscriber identity module, a SIM card is a small card that contains a chip. For your smartphone to work, you must insert a SIM card into it. This lets you make or receive calls and send texts.
The SIM card in your phone holds plenty of information. This includes data indicating that you have permission to make calls and send texts. Without the SIM card, you could only use your smartphone for activities such as accessing the web on a Wi-Fi network or taking photos.

How SIM swapping works


A SIM swap scam happens when criminals take over control of your phone by tricking your carrier to connect your phone number to a SIM card in their possession. These scammers basically take over control of your mobile phone’s number.
To steal your number, scammers start by gathering as much personal information on you as they can find and then engaging in social engineering.
First, the scammers call your mobile carrier, impersonating you and claiming to have lost or damaged their — really your — SIM card. They then ask the customer service representative to activate a new SIM card in the fraudster’s possession. This ports your telephone number to the criminal’s device, which contains the scammer’s own SIM card. Once your carrier completes this request, all phone calls and texts that are supposed to go to you will instead go to the scammer’s device.
How are fraudsters able to answer the security questions your mobile carrier asks? How can they provide any personal information your smartphone provider’s customer-service rep asks when trying to determine if it’s you on the other end of the phone?
That’s where the data scammers have collected on you through phishing emails, malware, or social media research becomes useful.

Once scammers provide your smartphone provider with the information, they’ve gotten from you or the dark web, they use it to convince your provider to switch your number to a new SIM card.
These criminals then gain access to and control over your mobile number, something that fraudsters can use to access your phone communications with banks and other organizations, in particular, your text messages. They can then receive any codes or password resets sent to that phone via call or text for any of your accounts. And that’s it: They’re in.
How do they get your money? They might set up a second bank account in your name at your bank, where, because you’re already a customer, there might be less robust security checks. Transfers between those accounts in your name might not sound any alarms.

Social media’s role in SIM swap fraud


Scammers can use your social media profiles to gather information on you that may help them impersonate you when they’re trying to close a SIM swap scam.
Say your mother’s maiden name or your high school mascot are answers to your security questions. A fraudster might be able to discover that information within your Facebook profile.
But there is some good news here: social media also can alert you to being victimized.
Consider the high-profile example of a SIM swap scam against Twitter CEO Jack Dorsey. Dorsey’s Twitter account was hacked when fraudsters gained control over his phone number. The scammers behind this went on to tweet offensive messages from Dorsey’s Twitter handle for the 15 minutes it took to regain control of his account.
How did the hackers get access to Dorsey’s phone number? They somehow convinced Dorsey’s phone carrier to essentially swap SIM cards, assigning Dorsey’s phone number to their SIM card and phone. They then used Cloudhopper’s text-to-tweet service to send their messages through Twitter.

Signs that you’re the victim of a SIM swap


It’s important to recognize the warning signs of a SIM swap. Doing so can help you shut down fraudsters’ access to your phone – and all the
texts and calls it receives — quickly, hopefully before they cause too much damage.
One warning sign, as seen in Dorsey’s case, is social media activity that isn’t yours. The tweets made to Dorsey’s Twitter account alerted him to the breach.
But here are four other key signs that you might be a victim of SIM swapping.

  1. You can’t make calls or send texts
    Getting errors when trying to send texts or make calls? The first sign that you could be a victim of SIM swapping is when your phone calls and text messages aren’t going through. This likely means fraudsters have deactivated your SIM card and are using your phone number.
  2. You’re notified of activity elsewhere
    You’ll know you’re a victim if your phone provider notifies you that your SIM card or phone number has been activated on another device.
  3. You’re unable to access accounts
    If your login credentials no longer work for accounts like your bank and credit card accounts, it’s likely that scammers have changed your passwords and usernames, maybe after having taken over your phone number. Contact your bank and other organizations immediately to let them know.
  4. You find transactions you don’t remember making
    If you’re checking your online credit card statement and you notice several transactions that you don’t remember making, you might be the victim of a SIM swap scam. This is a sign that criminals have accessed your credit card number and used it to make unauthorized purchases. They might have done this by first stealing your phone number and using the information sent to it to access your account.

HOW CAN YOU PROTECT AGAINST SIM SWAP SCAMS?

Fortunately, there are ways in which you, and your service providers, can help protect against becoming a victim of SIM swap fraud.

  • Online behaviour: Beware of phishing emails and other ways attackers may try to access your personal data to help them convince your bank or cell phone carrier that they are
  • you. Don’t click on links in email messages from people you don’t know. And remember, your bank, cable provider, credit card company, or other service providers won’t ask for your personal or financial information through an email message.
  • Account security: Boost your account security with a unique, strong password and strong security questions and answers that only you know.
  • PIN codes: If your phone carrier allows you to set a separate passcode or PIN for your communications, consider doing it. It could provide an additional layer of protection.
  • IDs: Don’t build your security and identity management including authentication solely around your phone number. This includes text messaging (SMS), which is not encrypted.
  • Authentication apps: You can use an authentication app such as Google Authenticator, which gives you two-factor authentication but ties to your physical device rather than your phone number.
  • Bank and mobile carrier alerts: See if your banks and mobile carrier can combine efforts, sharing their knowledge of SIM swap activity, and implementing user alerts along with additional checks when SIM cards are reissued, for instance.
  • Behavioural analysis technology: Banks can use technology that analyses customer behaviour to help them discover compromised devices, warning them not to send SMS passwords.
  • Call-backs: Some organizations call customers back to make sure they are who they say they are — and to catch identity thieves.
    SIM swapping is one reason why a phone number may not be the best verifier of your identity. It’s a breachable authenticator. Adding additional layers of protection could help keep your accounts — and your identity — safer.
    -Courtesy of us.norton.com

Stima and Cookies

This website uses cookies to ensure you get the best experience on our website. Read our Cookie Policy to learn more

remittance options

A.

  • Customer downloads app pesadirect or visits www.pesadirect.com
  • https://play.google.com/store/apps/details?id=com.pesadirect.app
  • https://apps.apple.com/us/app/pesadirect/id1544980130
  • After installing the app, enter the amount to Send and click “continue”
  • Click “Sign Up” or login if you had previously registered on Pesadirect.com
  • Sign up as a new user
  • Select Receive Method as “Bank or Sacco Deposit”. Click “Add new Bank or Sacco”
  • Select Stima Sacco from the list
  • Enter your Stima Sacco Account Number 802*******00, and click “Add Bank or Sacco”
  • Add your method of payment (Debit Card preferred)
  • Review order information, and if OK, click “confirm”
  • Your Transaction is Complete! You may download the receipt for your records

B.

Bank details to use

  • Account name: Stima Sacco Society
  • Account number: 01120069062600
  • Bank: Cooperative Bank
  • Branch: Stima Plaza Branch
  • Swift Code: KCOOKENA
  • Branch Code: 11035

C.

Members with mpesa access can send directly using the Paybill options below.

Deposit using Mpesa

  • You need to be an M-PESA registered customer
  • Go to M-PESA on your phone menu
  • Select Payment Services/ Lipa na M-Pesa
  • Select Pay Bill Enter 823244

For Monthly Deposit, enter 802xxxxxxx00, where xxxxxxx is your member number.

For shares Capital, enter 800xxxxxxx00, where xxxxxxx is your Member number.

For Deposit into Prime a/c enter 801xxxxxxx00, where xxxxxxx is your member number.

NB: Your membership number ought to be seven digits.

  • Enter the amount you wish to pay
  • Enter your M-PESA PIN, confirm details are correct and press OK