The Evolution of SIM Swapping Fraud: How Fraudsters Bypass Security Layers

This report analyzes persistent SIM swapping fraud in parts of the Middle East, showing how phishing websites, social engineering, and hybrid schemes enable attackers to port or convert victims' SIMs (including to eSIM), intercept SMS 2FA, and perform unauthorized transactions. It includes a case study of a phishing network impersonating insurance providers (multiple phishing domains sharing IP 209.124.66.11 and admin email [email protected]), statistics on losses and reporting delays, detection indicators used by Group-IB, and recommendations for financial institutions and end users to mitigate the threat.