Behind Every Scam Call: The Hidden Business of Fraudulent SIM Cards

 Isharth Kumar
Isharth Kumar
(Intern) Policy & Advocacy, CyberPeace
PUBLISHED ON
Jul 7, 2026
10

Introduction

Recently, the Delhi Police arrested a licensed telecom PoS agent, who identified himself as “Shivam Telecom," from a roadside kiosk adjacent to Hindu Rao Hospital. On the face of it, the headline may have simply read, “One man, one arrest." However, beneath that arrest is the unsettling story of a fully legitimate retail shop actively forging other people’s identification documents into weapons, one SIM card at a time, for as little as ₹500-600 each. This is not an account of an isolated offender; it is a peek into the vulnerability of SIM card security for typical end-users and the reasons why every mobile phone subscriber must pay attention to the unseen journey of his number.

 Why SIM Security Matters Now

Erstwhile, a SIM card was only a simple device for sending text messages and making calls. Today, however, it’s also a direct link to most of our lives online, be it online banking to verify it through one-time passwords (OTP) or Unified Payments Interface (UPI); social media platforms; or email accounts to reset a forgotten password, two-factor authentications (2FA), or even numerous other online services. Therefore, losing a SIM card and getting it fraudulently issued under your name, or criminals accessing your identity to buy a SIM, can be a serious cause of concern, as they can then impersonate you, conduct various frauds, bypass checks, or commit acts that can lead to you being wrongly implicated.

According to the investigation, criminals were procuring SIM cards through the authorized outlets of telecom companies, not unlicensed dealers. This clearly proves a deficiency in the Know Your Customer (KYC) process for the SIM card activation. The situation, however, is worse and is also highlighted by the fact that more than 21 lakh mobile numbers from the more than 114 crore mobile numbers reviewed under the Sanchar Saathi initiative launched by the department of telecommunications (DoT) were associated with fake or invalid identity documents. A state police chief of Tamil Nadu claims that 90% of the cyber fraud cases involved SIM cards obtained through misused identity documents.

How Illegally Activated SIMs Fuel Everyday Scams?

Once a SIM is activated using someone else's identity documents or biometric data, without their knowledge, it becomes a disposable, hard-to-trace tool for criminals. Here's how that plays out in practice:

  1. Phishing and impersonation calls: Using an honest person’s details for a SIM registration allows the scammer to have a “clean” number that won’t tip off victims about a potential scam immediately when carrying out a fake bank call, fake delivery scam, or fake impersonation of an officer.
  2. OTP and account-takeover fraud:  Since the SIM card is used as the anchor to OTP verification, an unauthorized SIM can be used to capture one-time passwords to activate new digital payments, create a new digital payments account, or use other personal information linked to your phone number to reset your service passwords.
  3. Financial fraud and money mule networks: According to the investigators, such SIMs were extensively being used to open digital payment accounts as well as to flow money across a number of fraud chains, thus enabling the fraudsters to build a layer of financial infrastructure that is not linked with their actual identities.
  4. Identity theft with real-world consequences: The identity of the Aadhaar holder (whose document was used to activate the SIM card) might be unaware that a SIM exists under his name until the fraud is uncovered during a loan default or a criminal investigation where he is forced to justify a crime committed using “his” number that he is oblivious to. 

That is the anonymity that SIM-card fraud has: the fact that the SIM on the face of it seems genuine, but the one operating it and the registered owner have absolutely no relationship whatsoever.

Red Flags Every Mobile User Should Watch For

Most people won't know their identity has been misused until something goes visibly wrong. A few warning signs are worth taking seriously:

  1. Your SIM suddenly loses network connectivity or displays "No Service" for an extended period without any known outage, SIM replacement request, or billing issue.
  2. You stop receiving OTPs or verification messages for banking, UPI, or other online services, particularly if login attempts continue to occur on your accounts.
  3. You receive unexpected OTPs, verification codes, or account alerts for services you never signed up for, indicating that someone may be attempting to use your mobile number.
  4. You receive calls or messages intended for someone else or asking you to confirm activities you never performed, which may suggest your number has been misused or duplicated.
  5. Your bank or telecom provider notifies you of unusual account activity, failed identity verification, or changes that you did not authorize.
  6. You discover multiple mobile connections registered in your name that you never requested, a risk that often remains unnoticed unless you proactively check through the Department of Telecommunications' Sanchar Saathi portal.

None of these guarantee fraud, but any of them is a reason to check further rather than assume it's a glitch.

Practical Steps to Protect Yourself

The good news is that Indian users now have direct tools to check and control this exposure:

  1. Identify your SIMs: Via the Department of Telecom’s Sanchar Saathi website, you can access a list of all mobile numbers registered in your name. Report and get any SIMs you do not recognize deactivated promptly.
  2. Safeguard your identity documents and biometrics: Do not disclose your Aadhaar information, OTPs, or biometrics to unofficial persons or retail agents. Ensure your SIM is activated in your presence by an official dealer of the telecom company.
  3. Tighten the security of your accounts: Wherever possible, use the most secure multi-factor authentication methods; an authenticator app, rather than just SMS, would be ideal. Consider enabling account change or SIM swap notifications from your telecom provider.
  4. Stay vigilant about your bank accounts and financial activities. Watch for unusual OTP requests, password change requests, login notifications, and unrecognized devices being logged into your online accounts. Being observant early on helps minimize losses.
  5. Take swift action if a SIM stops working: Contact your telecom provider and report the misuse to the Sanchar Saathi website as well as your nearest cyber station, or file a complaint through the cybercrime helpline number.

A Shared Responsibility

Consumer vigilance is not enough to save the system. Telecom providers must verify customer authenticity and check their retail points sufficiently so that a roadside vendor of the likes of “Shivam Telecom” cannot have their retail outlet anywhere the retail outlets may not need to be established and can be run even from an abandoned car body on the street for weeks. Authorities are ensuring this by making all franchisees and PoS agents and distributors register, such that the individual activating each SIM is perfectly identifiable. Consumers should take precautions and report suspicious patterns and be vigilant for fraud detection and protect themselves by knowing the system, like the use of the Sanchar Saathi platform.

Conclusion

The Delhi fake SIM case proves that even sophisticated technologies are not enough to protect India’s telecom ecosystem. No amount of biometric validation, AI fraud prevention tools, or rigid KYC compliance can offset a single corrupt agent selling SIM cards over the counter. While law enforcement works to clamp down, the responsibility also falls upon consumers, who need to regularly monitor their SIM registrations, safeguard their identity, and report any suspicious transactions in time to minimize the threat of identity theft and SIM-based cybercrime.

Sources

PUBLISHED ON
Jul 7, 2026
Category
TAGS
No items found.

Related Blogs