ESET Warns About SIM Card Scam in Russia

A new type of scam has emerged in Russia, where criminals create a duplicate SIM card of the victim and withdraw money through a banking app, according to experts from the international antivirus developer ESET.

In the first stage, scammers purchase accounts on popular social networks from the dark web. These accounts resemble real people’s profiles and may even contain photos or be periodically updated.

Next, the search for a victim begins, using advertising tools and built-in search features on Facebook and Instagram. The main targets are major entrepreneurs, whom cybercriminals contact while posing as attractive, single women. Typically, the victim is led to believe they have much in common with the fake persona, such as graduating from the same university or sharing similar hobbies. The scammers then suggest continuing the conversation in a messenger app to obtain the victim’s phone number.

After acquiring the number, the criminals contact the bank pretending to be the victim, claiming to have lost their password for the banking app. Since authentication is done via the mobile number, the scammers immediately gain full access to the client’s bank card.

How to Protect Yourself from SIM Card Scams

• ESET specialists recommend getting a second virtual number through your mobile operator’s app.
• Switch SMS authorization in all banks to push notifications within the banking app.
• At your mobile operator’s office, prepare a document that prohibits issuing a duplicate SIM card without your personal presence.
• Remain vigilant and avoid giving your phone number to people you don’t know well.