Communications operators of the Russian Federation are looking for new means of protecting mobile numbers from theft by fraudsters
“Beeline” offered subscribers protection of SIM cards from “theft” using two-factor authentication – a verification code is sent to e-mail. Such confirmation will be relevant for cases when fraudsters try to reissue a SIM card in a communication salon.
Igor Bederov, head of the investigation department of T.Hunter, explains that the reissuance of a SIM card using forged documents has become the most popular and most affordable way of hacking. This allows you to access the subscriber’s personal account and download details of connections. Such information will cost from 80,000 rubles from criminal investigators. up to 100,000 rubles, the expert noted.
Every year, this method leads to the theft of up to 1,000 numbers of subscribers of various operators, says Denys Kuskov, head of the Telecom Daily agency.
The two-factor authentication service for Beeline customers was launched at the beginning of the month. The application for reissuing a SIM card will be processed until the subscriber confirms the replacement by e-mail. The procedure will require an additional document: driver’s license, SNILS or another.
In addition, the subscriber will receive an SMS from the operator about an attempt to reissue the SIM card.
At the beginning of 2024, Tele2 also launched two-factor authentication for personal account login linked to email. The operator blocks incoming SMS for 24 hours after the replacement, so that criminals cannot withdraw money.
Tele2 employees check the issuance of a notarized power of attorney on the website of the Federal Notary Chamber. The document is necessary for reissuing a SIM card without a client.
The director of the regional engineering center of NTI SafeNet, Denis Kuvikov, points to the insufficient level of competence of some employees of communication salons, who may not be able to distinguish a fake document from a real one. According to Ruslan Permyakov, Deputy Director of the Competence Center of NTI “Technologies of Trusted Interaction” on the basis of TUSUR, some employees may be involved in fraudulent schemes.
Tele2 shared that criminals resort to social engineering methods to “steal” SIM cards. They are provided by the operator’s support service and ask for a verification code. After entering the personal account, fraudsters can request a replacement eSIM and install an electronic card on their device, gaining access to the victim’s online banking.