SIM swapping remains a marginal phenomenon in Germany

The threat of SIM swapping has been circulating in the German media for several weeks now. Is this a real intensification of the threat situation? heise online asked.

All of the current media reports we have checked that warn of a threat can be traced back to an announcement by the Warendorf police in North Rhine-Westphalia. In mid-May, the Warendorf police issued a warning about SIM swapping and received several reports.

SIM swapping scam

In SIM swapping, fraudsters take over the mobile phone number of victims. To do this, they order a new eSIM, for example, which is only digital and not physical and can be activated and used within minutes. Previous owners are locked out of their own number, the Warendorf police explain further. This takeover of mobile and email accounts opens the door to fraud and abuse. The perpetrators first collect the victim's personal data, such as name and mobile phone number. This may come from sources published by the victims themselves or may have been obtained through phishing. But criminals can also obtain such data on the darknet.

The perpetrators are perfidious in their approach. Some mobile phone providers allow text messages to be sent as a second factor for logging into the customer account. At the same time, the fraudsters send a fraudulent text message announcing a parcel delivery, for example, for which the recipient has to enter a code sent by text message. The recipients may not realize that the text message with the second factor code does not come from a parcel service. If the victims give this code to the perpetrators, they gain access to the victim's account, order the new eSIM, for example, and install it on their own device. "This allows the fraudsters to access the foreign account and use the victim's phone number for further crimes," the officials explain.

Current threat situation in Germany

When asked by heise online, a spokeswoman for the Warendorf police specified: "According to the specialist police department, there have been no further cases reported to us in recent weeks. In our event of the week, we always pick up on new forms of crime in order to sensitize the public". The information is not always necessarily based on a high number of cases.

This is also consistent with the information provided by the major mobile phone providers, the BKA and the LKA Lower Saxony in 2022 in response to our inquiry. According to the mobile phone providers, SIM swapping practically no longer takes place. The BKA confirmed that "such cases [...] are currently of no major relevance". The LKA Lower Saxony counted low double-digit numbers of cases per year.

Raising awareness of the danger posed by SIM swapping makes perfect sense. However, the threat is apparently still almost non-existent.

If someone does fall victim to this scam, it is advisable to follow the tips from the Warendorf police. Victims should inform all providers and services that the fraudsters can access, check all relevant accounts, change access data and then file a criminal complaint. Some protection is also provided by not publishing personal data such as name and mobile phone number, using anti-malware on the smartphone, not downloading files from insecure sources and not using online banking apps on the same devices on which mobile TANs are received. Recipients should also take a close look at the sender of confirmation codes.

(dmk)