SIM Replacement via Insider Collusion — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 29, 2026

Severity: HIGH | View Full Scam Details

SIM Replacement via Insider Collusion Scam in India 2026: How Your Phone Number Can Be Hijacked

In 2026, a dangerous cybercrime pattern called SIM Replacement via Insider Collusion is threatening mobile users across India, risking their money and data through inside help at telecom outlets.

What Is the SIM Replacement via Insider Collusion?

SIM Replacement via Insider Collusion is a rising form of fraud in India where scammers work with employees at telecom retail stores to swap a victim’s SIM card onto a new device without proper consent. This allows fraudsters to receive all calls, messages, and OTPs meant for the victim, enabling financial theft and identity misuse.

This scam specifically targets individuals whose sensitive KYC (Know Your Customer) data is leaked or phished. Personal info such as Aadhaar number, mobile number, and address details often come from data breaches circulating on the dark web or are collected through social engineering. Vulnerable people sharing travel plans, financial updates, or personal details on social media become easy prey for criminals who use these fragments to convince insider staff.

Reported cases in India are growing, triggering advisories from CERT-In and warnings by RBI that highlight risks related to OTP theft and SIM swaps. According to digital crime reporting platforms like I4C (Indian Cyber Crime Coordination Centre), this scam has a high severity score due to its potential to drain bank accounts via UPI fraud and misuse of Aadhaar-linked services.

How This Scam Works — Step by Step

Understanding the sequence helps you spot and stop the scam before damage occurs:

1. Data Gathering: Fraudsters collect victim details from leaks or social media to build a credible profile.
2. Insider Contact: Scammers collude with an employee at a local telecom outlet willing to bypass verification norms.
3. Visit to Telecom Outlet: The insider uses the victim’s personal details to request a SIM replacement or new SIM activation, claiming the old SIM is lost or damaged.
4. Fake KYC Check: The insider convinces the staff or uses fake documents to pass Aadhaar-based biometric or OTP verification fraudulently.
5. SIM Swap Activation: The victim’s phone number is transferred to a new SIM in fraudsters’ hands.
6. OTP Hijack and Transactions: Fraudsters receive all OTPs for banking, UPI payments, and other services, enabling unauthorized transactions or identity theft.
7. Victim Realizes Delay: The victim suddenly loses mobile connectivity and cannot authenticate transactions, often discovering the fraud only after financial loss.

Real Warning Signs to Watch For

• Sudden loss of mobile network or “SIM not registered” messages without changing your phone or location.
• Receiving OTPs or verification SMS for transactions you did not initiate.
• Calls or messages from unknown telecom agents asking you to verify personal data.
• Unexpected requests for your Aadhaar details or biometric scans at third-party shops.
• Social media posts or profiles oversharing travel or financial info.
• Alerts from your bank or UPI app about unrecognized transactions or failed payments.
• Receiving SMS about SIM activation or replacement when you made no request.

What Happens to Victims

Victims of insider SIM replacement scams face severe financial losses in India. Fraudsters hijack UPI transactions using OTPs, often transferring money out within minutes — funds rarely recoverable due to the instant finality of UPI payments. Aadhaar-linked identities are also misused to open fraudulent bank accounts, apply for loans, or steal subsidies.

Emotionally, victims feel helpless and violated. Losing control over one’s phone number cuts off access to multiple digital services — from banking to email recovery and life-saving emergency contacts. Furthermore, resolving the aftermath involves long police reports, telecom complaints, and financial institution coordination, all of which can be overwhelming.

What RBI and CERT-In Say

The Reserve Bank of India (RBI) has issued cautionary circulars stressing that customers must protect their OTPs and personal details, never share them with anyone, and verify SIM replacement requests closely. RBI’s helpline for fraud complaints is 1800-425-9298.

CERT-In, India’s official cybersecurity agency, alerts users about insider threats in the telecom sector that compromise SIM security, urging vigilance when sharing Aadhaar details. The national cybercrime helpline, 1930, helps victims report suspicious activities and register complaints under the IT Act 2000 and its amendments.

The Indian Cyber Crime Coordination Centre (I4C) encourages citizens to file cases of SIM swap fraud on cybercrime.gov.in to get timely assistance and escalate enforcement.

How to Protect Yourself

1. Limit sharing sensitive personal data like Aadhaar or phone number, especially on social media.
2. Never share OTPs, passwords, or biometric data with any unknown caller or person at telecom outlets.
3. Verify any SIM replacement requests directly with your telecom company using official helplines, not third-party agents.
4. Enable two-factor authentication (2FA) using apps rather than SMS OTPs for banking or critical accounts.
5. Regularly check your mobile network’s status — sudden disconnection without explanation can be a warning.
6. Register for mobile number portability protection and “do not disturb” services to reduce spam calls.
7. Keep your mobile apps, especially UPI and banking ones, updated with the latest security patches.

What to Do If You’ve Been Targeted

Immediately contact your telecom provider’s customer care to block or deactivate the replaced SIM. File a police complaint detailing the incident and submit a cybercrime report on cybercrime.gov.in to document the fraud formally.

Alert your bank and UPI provider, request them to freeze any suspicious transactions, and change your passwords and linked email IDs. Use the 1930 cybercrime helpline to seek government assistance in case of insider collusion.

Monitor your Aadhaar authentication history at the UIDAI portal to check for unauthorized KYC attempts. It’s important to act quickly as financial recovery becomes harder over time.

Frequently Asked Questions

Q: How do scammers get my personal details for SIM replacement?
A: They use a mix of leaked data from breaches, phishing attacks, or monitor social media activity to collect your Aadhaar number, phone number, and address. These details help them trick telecom employees into approving SIM swaps.

Q: Can I stop the SIM replacement process if I receive an SMS about it?
A: If you receive an unsolicited SIM activation or replacement message, immediately contact your telecom provider’s official helpline and report the incident. Do not share any OTP with anyone and verify any suspicious activity.

Q: What if my mobile suddenly stops working and I suspect SIM swap fraud?
A: Quickly reach out to your telecom operator to confirm if your SIM is active or replaced. Simultaneously, report the matter to the police and cybercrime authorities using the 1930 helpline to take action while preventing further misuse.

For any suspicious messages or calls asking for your Aadhaar or OTP, always verify before responding at BharatSecure.app. If you face fraud, report immediately to the 1930 cybercrime helpline.

Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.