Communications Authority of Kenya Warns on How to Prevent Illegal SIM Card Swap

  • The Communications Authority of Kenya (CA) on Thursday issued a statement on the steps you should take to prevent illegal SIM card swap by fraudsters.

    In the wake of increased crimes involving SIM card swap, the CA has cautioned the members of the public against disclosing of sensitive Personal Identification Information (PII) to third parties.

    According to CA Director General Francis Wangusi, divulging any information that can be used to distinguish or trace one's identity including date of birth, national ID number, mobile money PIN, bank account PIN, password is the first step to risking a SIM swap by fraudsters.

    [caption caption="A graphic illustrating a cyber criminal"][/caption]

    The fraudsters usually makes a call pretending to be an employee of a mobile network operator, on picking the call, the fraudster asks the unsuspecting mobile subscriber to share their Personally Identifiable Information (PII).

    Fraudsters use the PII to swap the SIM card and gain access to all the SIM services including mobile money transfer, mobile and internet banking.

    "Never divulge any of your PINs to anyone, not even the mobile money service provider or agent," the CA Director General stated.

    Wangusi also pointed out the major red flag that should ring alarm bells of possible fraud is a sense of urgency or the use of high-pressure tactics in any transaction request.

    Here are the tips CA offers for you to prevent illegal SIM card swap:

    Slow Down

    Fraudsters want you to act first and think later. If the request conveys a sense of urgency, or uses high-pressure tactics be skeptical; never let their urgency influence your careful review.

    Be Cautious

    Do not respond to calls or emails asking for Personally Identifiable Information (PII) such as mobile money PIN, national ID number, bank account PIN, password, date of birth.

    The only exception is when you verify the authenticity of the person you are corresponding with by contacting the official customer care contacts of the service provider.

    Reject requests for help or offers of help

    Legitimate companies and organizations do not contact you to provide help. If you did not specifically request assistance from the sender, consider any offer to "help" a scam.

    Delete any Financial Information Request

    If you get asked to respond to a request with personal information including passwords, it's a scam.

    Your PIN is Your Secret

    Although this may seem obvious or sound cliche your PIN is the last line of defence and divulging it to anyone including the mobile money service provider or agent makes you a candidate for SIM card swap.

    Research the Facts

    Be suspicious of any unsolicited messages or requests. If the request looks like it is from a company you use, do your own research.

    Use a search engine to go to the real company’s site, or a phone directory to find their official contacts and confirm if they are the ones contacting you.

    Report Fraud Cases

    In case you learn that you are being targeted by fraudsters, report immediately to the Service Provider, the nearest Police Station, and to the National KE-CIRT/CC including by forwarding fraud SMSs and fraudster contacts via text to 333.

    criminal suspect illegal scam