SIM Swap Fraud: Challenges and Mitigation TechniquesA Panel of Experts Discuss the Various Challenges With SIM Swap Fraud
The FBI's Internet Crime Complaint Center recently came out with a report stating that people have lost millions of dollars to SIM swap fraud. How are banks and telecom industries across the globe coming together to fight the menace? Three panelists - Clare Messenger, global commercial head of fraud protection services, JT Global; Tom O’Malley, former assistant U.S. attorney, Department of Justice; and Ntshiki Maluleka, digital banking crime manager, South African Banking Risk Information Center - share their views.
"SIM swap fraud is part of the account takeover, and we do know in the U.K. the financial industry was the hardest-hit for account takeover fraud in 2021. When a consumer is asking to move an account to a new SIM, banks do carry out security checks, which are open to security flaws. We work with mobile network operators in releasing mobile data services to the banks that help with authentication checks," Messenger says.
"The faster the payment, the faster the fraud. We need to give customers tools so that if they see any different behavior, they can call. If we give people those tools, they become partners to fight criminals," O'Malley says.
"We made significant impact when we collaborate. There are a lot of social engineering attacks. Most voice calls are social engineering, are VOIP. We are collaborating significantly with mobile operators as well as law enforcement to identify and understand the modus operandi," Maluleka says.
In a video interview with Information Security Media Group, the panelists also discuss:
- The challenges of SIM swap fraud in their respective countries;
- How banks in South Africa are fighting the fraud;
- How the telecom industry can collaborate with banks and customers.
Messenger heads the fraud protection services division for JT Group, a telecom company with more than 600 mobile network operator partners worldwide. She has worked in the telecommunications industry for more than 10 years.
O’Malley is a former federal prosecutor who specialized in computer hacking and identity fraud cases. He has also been a victim of a data breach. O'Malley retired from a 37-year career as a prosecutor to help people protect themselves from becoming identity fraud victims following data breaches.
Maluleka is digital banking crime manager at the South African Banking Risk Information Center, or SABRIC. He also conducts training and capacity building for South African law enforcement agencies and for the National Prosecuting Authority and speaks at numerous conferences on topics related to cybercrime.