Вікторія Горбік That's Life 10 March 2025, 13:41

Cyber police warn of fraudulent SIM card reissuance scheme. How it works and can you protect yourself?

Among the most popular cyber fraud schemes that attackers are currently using is taking over users' SIM cards. The Cyber Police of Ukraine explained what this leads to, what risks you may face, and what you should definitely not do.

How the scheme works

attackers contact the mobile operator on behalf of the user,
they claim to have lost their SIM card,
the operator reissues the card,
The user’s original SIM card is blocked.

What does this threaten?

The next step after reissuing the SIM card is for the fraudsters to authorize it in online banking applications in order to then cascade the money from the user’s bank account to an account under their control.

How to stay safe

Be wary of calls from purported mobile operator representatives. If you receive a call asking for a verification code or personal information, do not provide the information and end the call immediately. If in doubt, call your operator yourself using the official number.
If you suspect that your card is being reissued, contact your mobile operator’s support service immediately. Report suspicious activity and block remote reissue of your SIM card.
Break the «chain» of fraudulent calls. If you receive a call with suspicious offers or a request to call back, immediately call your friends or relatives — this will break the possible fraudulent mechanism.
Prohibit remote reissuance of a SIM card. In the settings of the mobile operator or through the contact center, you can activate a function that allows reissuance of a SIM card only upon personal visit to an official store and presentation of a passport.
Use a unique number for financial transactions. It is advisable to have a separate phone number for banking transactions that is not listed publicly, including in advertisements or for social networks or messengers.
Consider switching to a contract service or linking a prepaid phone number to your passport. This form of connection provides a higher level of security, as reissuance of a SIM card is possible only in person and upon presentation of a document.

You should not enter your phone number on websites or online resources that you do not trust. If this happens:

the user will start receiving certain calls from unfamiliar phone numbers, the so-called «fraudulent call chain», which can be interrupted;
Since fraudsters use the three verification phone numbers that last made calls on your phone to reissue SIM cards, to break this «chain», you need to call three subscribers that the user trusts using a mobile phone;
Cyberpolice advises linking your phone number to your passport, as reissuing a SIM card without the personal presence of the number owner at the cellular operator’s branch with a passport will not be possible.

The cyber expert added that some mobile operators charge an additional fee for linking a mobile phone number to a user’s passport, but, according to him, this service is usually free.

What to do if you become a victim of scammers

Contact your mobile operator immediately and report the reissue of your SIM card without your knowledge. Ask them to temporarily block your number.
If you suspect that fraudsters have gained access to your bank account, contact the bank and block your cards and online access.
Check access to your social media and email accounts. If you suspect a hack, change your passwords.
If scammers have gained access to your accounts, inform your friends and acquaintances so that they do not fall into the scammers' trap (for example, if scammers ask for money on your behalf).
Contact law enforcement with a fraud report or submit an electronic appeal to the cyber police using the link.