SIM swap fraud remains one of Kenya’s most dangerous forms of financial crime, allowing criminals to take control of a victim’s mobile number and gain access to mobile money and banking services.
While Safaricom has significantly strengthened its security systems, customers are still being urged to remain vigilant.
The fraud typically begins with criminals collecting personal information through phishing messages, fake customer care calls, social media, or other social engineering tactics.
Using the stolen details, they attempt to convince a telecom agent to replace the victim’s SIM card or trick the victim into authorizing a fraudulent SIM swap.
Once the swap is successful, the victim’s phone loses network connectivity while the fraudster receives calls, SMS messages, and one-time passwords linked to the mobile number. This creates an opportunity to access M-Pesa and banking services before the victim realizes what has happened.
To reduce this risk, Safaricom has introduced several security measures aimed at making SIM swap fraud more difficult. These include a temporary restriction on M-Pesa transactions immediately after a SIM replacement and a self-service line protection feature accessible through *100*100#. Customers who activate the feature receive a verification request before any SIM swap can be completed.
The telecommunications provider has also partnered with banks through a SIM Swap Check API, enabling financial institutions to verify whether a customer’s SIM card was recently replaced before approving sensitive transactions.
An additional ATM Vicinity Check solution helps compare a customer’s phone location with the ATM where a transaction is taking place, providing another layer of fraud detection.
According to Safaricom, artificial intelligence-powered monitoring and enhanced identity verification have helped reduce fraudulent SIM swaps despite the company processing thousands of SIM replacement requests every day.
Even with these safeguards, cybersecurity experts caution that fraudsters continue to evolve their tactics.
Customers are advised never to disclose their M-Pesa PIN, banking passwords, or one-time passwords, and to avoid dialing unfamiliar USSD codes shared by strangers.
Anyone who unexpectedly loses mobile network service should contact Safaricom immediately to verify whether an unauthorized SIM swap has occurred.
As digital financial services continue to grow, experts say customer awareness remains just as important as technological safeguards in preventing SIM swap fraud.
Email your news TIPS to Editor@Kahawatungu.com — this is our only official communication channel

