Today (Wednesday, January 26), I received at least three requests on my SIM line, in which some fraudsters somewhere were attempting to register new SIM cards using my national ID number.
The first SMS that I received from Safaricom service line 707 was delivered at 12:07pm. It read: “Dear customer, a new number 797XXXX08 is about to be registered under your ID number. Please reply with Yes to continue or NO to cancel the registration.”
I quickly pressed: “NO” and, immediately the service line sent back a receipt message, saying: “Dear customer, the new line registration request received under your ID has been cancelled. Thank you.”
The fraudsters, a few minutes apart, tried two other new registrations using my ID number. One of the numbers, Safaricom said, was 799XXXX24, while the other was 794XXXX20.
In the two subsequent registration attempts, I rejected the requests, as I did with the first. All that happened in a span of five minutes, or so.
After the third unsuccessful attempt, the fraudsters gave up.
That five-minute incident left me wondering “who could be having my ID card out there?” I lost my ID card sometime back, and replaced it promptly. But, it’s clear that someone has my ID details, and he or she is most likely out to commit a criminal activity using it, based on the botched SIM registration attempts that he or she made on Wednesday.
My reflexes drove me to Google, where I searched the Safaricom service line 707: what is it, and what happens if someone doesn’t respond promptly to the SIM registration commands?
Safaricom introduced the 707 feature in May 2020 that alerts you when someone tries to register a new SIM card with your ID number.
In case it is not you, you will reply with “NO”, and the registration will be stopped. The issue is then escalated to the Safaricom Risk Assessment team that will follow up, and eventually block the line used for this fraudulent activity.
The registration of the new line will not take place.
“If the customer chooses not to respond with either of the options given, the registration will not be completed,” Safaricom says on its website.
Both Safaricom and Airtel have a USSD code (*106#) that allows you to check whether there are other SIM lines registered in your name.
Stay informed. Subscribe to our newsletter
Sim-swap
Sim-swap is the other phone-related fraud that has gained impetus of late.
It happens when someone convinces your mobile operator to switch your phone number over to a SIM card that a criminal possesses.
Hannington Oduor, a security system analyst at Kenya Power, disclosed to The Standard the tricks used by fraudsters to successfully conduct SIM swaps.
“SIM-swap basically is a form of identity theft. In other circles, it’s called impersonation. The fraudster would call you, and play mind games on you. For instance, after you’ve received the call, he or she will refer to you by your full name, saying they’re calling you from your network service provider,” said Oduor.
“They’ll thereafter read out your full ID number, and go ahead to ask you to confirm if the digits are correct. They do this to win your confidence. That’s what they want at Stage One, before continuing with the fraud.
“Stage Two of their deceit, is issuing out instructions. They’d be calm and patient, and you wouldn’t know that the commands that they’re making lead to them either getting more information about your mobile money, or allows them to activate the SIM-swap prompts,” added the cyber security expert.
“Most victims that I have interacted with said they remember being asked to dial the USSD code 33*0000*, while others said they were instructed to dial #253257# or ##72786#. These codes basically send a command that you’ve lost your SIM card, and are, therefore, initiating a swap process.
“Once you initiate the swap process, the network on your gadget disappears. While offline, and maybe attempting to visit your network provider’s shop, the fraudster, armed with your details, would have already called your service provider, claiming that he or she has lost his SIM, and wants to renew it. He or she will, thereafter, provide your details to the mobile service agent, who, unbeknown to him or her – or out of naivety – will help in activating the line.
“The fraudsters, thereafter, access your mobile money, mobile banking, credit facilities, among others, to wipe out funds from the accounts,” said Oduor.