SIM Card Swapping Fraud: Challenges and Mitigation Techniques

Account takeover fraud, fraud management and cybercrime

A panel of experts discusses the various challenges of SIM card swapping fraud

Suparna Goswami (gsuparna) •
March 24, 2022

From left to right: Ntshiki Maluleka, Clare Messenger and Tom O’Malley



The FBI’s Internet Crime Complaint Center recently released a report that people have lost millions of dollars to SIM card swapping fraud. How are banks and telecommunications industries around the world coming together to fight the threat? Three panelists – Clare Messenger, Global Business Manager Fraud Protection Services, JT Global; Tom O’Malley, former Assistant US Attorney, Department of Justice; and Ntshiki Maluleka, Head of Digital Banking Crime, South African Banking Risk Information Center – share their views.

See also: Live webinar today | Advocacy for managed endpoint detection and response

“SIM card swapping fraud is part of account takeover, and we know that in the UK the financial sector has been the hardest hit by account takeover fraud in 2021. When ‘a consumer requests to move an account to a new SIM card, banks perform security checks, which are open to security breaches. We work with mobile network operators to provide banks with mobile data services that facilitate authentication controls,” says Messenger.

“The faster the payment, the faster the fraud. We need to give customers tools so that if they see different behavior, they can call. If we give people these tools, they become partners in fighting criminals “, says O’Malley.

“We have had a significant impact when we collaborate. There are a lot of social engineering attacks. Most voice calls are social engineering, are VOIP. We collaborate significantly with mobile operators as well as with law enforcement to identify and understand the modus operandi,” Maluleka said.

In a video interview with Information Security Media Group, the panelists also discuss:

  • The challenges of SIM card swapping fraud in their respective countries;
  • How South African banks are fighting fraud;
  • How the telecommunications industry can collaborate with banks and customers.


Messenger leads the fraud protection services division for JT Group, a telecommunications company with more than 600 mobile network operator partners worldwide. She has worked in the telecommunications industry for over 10 years.

O’Malley is a former federal prosecutor specializing in hacking and identity theft cases. He was also the victim of a data breach. O’Malley retired after a 37-year career as a prosecutor helping people protect themselves from victims of identity fraud as a result of data breaches.

Maluleka is the Head of Digital Banking Crime at the South African Banking Risk Information Centre, or SABRIC. He also organizes training and capacity building for South African law enforcement and the National Prosecuting Authority and speaks at numerous conferences on topics related to cybercrime.

Back To Top