- IBM wins UK lawsuit against LzLabs for mainframe intellectual property theft
- ”響く”データを求めて、ヴィッセル神戸がチームと事業の両方で進めるデジタル改革
- Get Adobe's Photoshop for iPhone and web for under $8 per month
- Trump's DoJ keeps pushing for Google to get rid of Chrome
- As AI agents multiply, IT becomes the new HR department
SIM Swapping Fraud Surges in the Middle East
A surge in SIM swapping fraud across the Middle East has exposed new tactics used by cybercriminals to exploit victims.
According to a new report by Group-IB, fraudsters are increasingly leveraging phishing websites and social engineering to bypass security measures, allowing them to hijack mobile numbers and access sensitive accounts.
How SIM Swapping Fraud Works
Investigations have shown that attackers first obtain personal details, such as national IDs and banking information, through fraudulent websites that mimic legitimate services. This data is then used to request a SIM swap or port-out, effectively transferring control of the victim’s phone number to the fraudster.
Once in control, criminals intercept SMS-based two-factor authentication (2FA) codes, enabling them to carry out unauthorized financial transactions.
One of the key findings from recent fraud cases is the rise of phishing websites specifically designed to imitate high-demand services. Fake domains have been found targeting industries such as car insurance, domestic worker hiring and government services.
By exploiting regional trends, attackers increase their chances of deceiving victims into entering sensitive information.
Financial Losses and Growing Risks
A recent case study highlighted how a phishing website impersonating an insurance provider led to multiple complaints of SIM deactivations.
Further analysis revealed a more extensive network of fraudulent domains linked to a single administrator, all designed to harvest personal data. Many of these domains used bulk registration tactics and typosquatting to evade detection.
Financial losses from SIM swapping fraud continue to rise, with Group-IB reporting that 39% of cases involved multiple unauthorized transactions. Losses ranged from $270 to $5,400, though some incidents have exceeded $160,000.
Attackers have been found using compromised SIMs to reset banking credentials, transfer funds to mule accounts and conduct fraudulent payments through digital wallets.
How to Protect Against SIM Swapping
To counteract these threats, financial institutions and individuals must take proactive measures.
For Banks and Telecom Providers:
- Freeze high-risk actions when a SIM swap is detected and require additional identity verification
- Use behavioral analysis to detect suspicious logins and transactions
- Improve real-time intelligence sharing between banks, telecom providers and regulators
For Individuals:
- Replace SMS-based 2FA with authenticator apps like Google Authenticator or Duo
- Be cautious of phishing websites and unsolicited messages requesting personal information
- Report any unexpected SIM deactivation or unauthorized account access immediately
Despite ongoing efforts to curb SIM swapping fraud, criminals continue to refine their methods. Without stronger security measures and greater awareness, victims remain at risk of financial and identity theft.
