SIM Swap Fraud Recovery 2026 — Stolen SIM, Wiped Bank Account? Get It Back in 24 Hours

Your phone suddenly shows “No service” or “SIM not provisioned”. Within hours, you receive bank SMS for transactions you didn't make — UPI debits, credit-card charges, even loans taken in your name. This is SIM swap fraud (also SIM port-out fraud, SIM jacking) — the criminal switches your number to a SIM in their possession, intercepts OTPs, drains your accounts. India recorded over 90,000 SIM-swap complaints at NCRP in 2024. The first 24-hour window decides whether you recover 100% or 0%. Here is the working playbook — by the clock.

• First 60 minutes: call your telco from another phone — block the swapped SIM. Vodafone Idea / Airtel / Jio / BSNL all have 24×7 lines. Lock UPI + freeze bank online channels.
• Within 24 hours: dial 1930 (Cyber Crime Helpline) for any unauthorised debit. File at https://cybercrime.gov.in.
• Within 48 hours: register FIR at cyber police station — IT Act §66C/§66D + BNS §318/§321/§336.
• Bank claim: invoke RBI Customer Liability Framework, 2017 §6.3 — zero liability if reported in 3 working days.
• TAFCOP — open https://www.tafcop.dgtelecom.gov.in and check all SIMs in your name. Deactivate any you don't recognise.
• Sanchar Saathi → CEIR — block your stolen / swapped phone IMEI at https://www.ceir.gov.in.
• Recovery rate: 80%+ within 24 hours. <10% after 7 days.
• Cost: ₹0 — TAFCOP, Sanchar Saathi, NCRP, FIR, RBI Ombudsman are all free.

1. Use someone else's phone — call your telco helpline (Airtel 121, Jio 199, Vi 199, BSNL 1503) → request immediate SIM block + RE-issue for your number. Note ticket number.
2. Call your bank's helpline (number on your debit/credit card or passbook). Tell: “SIM swap fraud — block all online banking, UPI, cards. Report under RBI Customer Liability Framework, 2017.”
3. Lock Aadhaar biometrics at https://uidai.gov.in or m-Aadhaar app — prevents AePS misuse.
4. Lock UPI in BHIM/PhonePe/GPay → Profile → Block UPI ID or freeze. Also disable e-mandate auto-pay.
5. Email all financial accounts (banks, mutual funds, Demat, NPS, credit cards) requesting freeze pending re-verification.
6. Take screenshots of all unauthorised SMS, transaction alerts, missed calls.
7. Dial 1930 → Cyber Crime Helpline (24×7). Get complaint number.
8. TAFCOP at https://www.tafcop.dgtelecom.gov.in → enter your number → see all SIMs in your name → deactivate unknown ones (free, instant).
9. Sanchar Saathi → CEIR — if your physical phone was stolen, block the IMEI.
10. NCRP file at cybercrime.gov.in → Financial fraud → SIM swap fraud.

SIM swap = a criminal convinces your telecom operator to issue a new SIM for your mobile number, then they receive all your calls, OTPs and SMS. It's social engineering at the point of sale (PoS) of a telco store, not a hack.

How it happens:

• Customer-care impersonation: criminal phones telco saying “I lost my SIM, need a new one” — bypasses verification with leaked KYC + Aadhaar last 4 digits.
• Insider fraud: corrupt telco employee or franchisee at a PoS retailer issues a SIM to the criminal in exchange for ₹5,000-₹50,000.
• e-KYC (Aadhaar-based) abuse: criminal uses leaked biometric (sub-registrar leak / e-KYC scanner trap) to authorise SIM issuance.
• Port-out fraud (MNP): criminal initiates port to a different telco using leaked OTP — Mobile Number Portability hijack.

Once active:

• Criminal receives OTPs from banks, UPI, Demat, IT department, Aadhaar updates.
• Drains accounts via UPI / IMPS / NEFT / RTGS.
• Takes personal loans / credit-card cash advances in your name.
• Updates email passwords by reset OTP → drains crypto wallets, Paytm, MFs.

You discover when:

• Phone shows “No service” suddenly (your SIM is the deactivated one).
• Bank SMS for unauthorised debits arrive on your email but not phone.
• Friends say “You missed my call” when you didn't.

• Mumbai entrepreneur lost ₹1.86 crore in 90 minutes via SIM swap by a corrupt telco store owner — Apr 2024.
• Delhi senior citizen lost ₹38 lakh — Jul 2024.
• Pune professional lost ₹2.4 crore including ₹50 lakh in unauthorised personal loans — Sep 2024.
• NCRP 2024: 90,000+ SIM-swap complaints, ₹500+ crore total drain.
• Top fraud cluster: Jamtara (Jharkhand), Mewat (Haryana), Bharatpur (Rajasthan) — most call-centres trace here.
• Telco audits 2024: Airtel, Jio, Vi were collectively fined ₹3.6 crore by TRAI for KYC lapses around SIM issuance.

• DoT directive (Aug 2023): telcos must wait 7 days before activating a re-issued SIM if the request is over the counter without biometric verification.
• DoT directive (Mar 2024): SIM MNP port-out requires a 7-day cooling period with SMS verification.
• TRAI's TAFCOP portal (https://www.tafcop.dgtelecom.gov.in) — every citizen can see all SIMs issued in their name. Free.
• CEIR (Central Equipment Identity Register) at https://www.ceir.gov.in — block stolen phones by IMEI.

• Zero liability if reported within 3 working days.
• Limited liability up to ₹25,000 if reported within 4-7 working days.
• Bank must credit shadow refund within 10 working days.
• Final resolution: 90 days.

• IT Act §66C — identity theft (3 years).
• IT Act §66D — cheating by impersonation (3 years).
• BNS §318 — cheating (7 years).
• BNS §319 — cheating by personation (5 years).
• BNS §321 — cheating by personation in possession (3 years).
• BNS §336 — forgery for cheating (7 years).
• PMLA §3 — money laundering.
• Indian Telegraph Act, 1885 §25 — impersonation in telco transactions.

• MNP under TRAI Telecommunication Mobile Number Portability Regulations, 2009 (amended 2019).
• Port-out OTP valid 4 hours (reduced from 24 hours after 2019 fraud spike).
• Telcos liable for negligent port-out under TRAI's quality of service rules.

• Telcos are data fiduciaries under DPDP §2(j).
• Penalty up to ₹250 crore for negligent handling of personal data leading to harm.
• Right to grievance under DPDP §13 — DPO must respond.

Order matters. Do these IN PARALLEL using two devices if possible:

1. Device 1: call telco → block + re-issue (note ticket number).
2. Device 2: call bank's helpline → freeze ALL online channels + UPI + cards.
3. Browser: lock Aadhaar biometrics at uidai.gov.in.
4. Browser: change passwords on email, banking, mutual funds, Demat — use a password manager.

1. Go to https://www.tafcop.dgtelecom.gov.in.
2. Enter your number → OTP → see all SIMs in your name (max 9 per Aadhaar).
3. Mark unknown SIMs as Not my number → deactivate. Telco must act within 7 days.

1. Open https://www.ceir.gov.in.
2. If physical phone was stolen: Block stolen phone → enter IMEI + FIR copy → IMEI blocked across India within 24 hours.

1. NCRP file at https://cybercrime.gov.in → Financial fraud → SIM swap fraud. Save Acknowledgement Number.
2. FIR at cyber police station — sections: IT Act §66C/§66D, BNS §318/§319/§321/§336.
3. eFIR available in 10+ states.

1. Visit branch with: ID, bank statement, NCRP acknowledgement, FIR copy.
2. Submit written letter:

> To, Branch Manager, [Bank], [Branch].

  > //Sub: SIM swap fraud — RBI Customer Liability Framework Claim §6.3.//
  > //Account no: ... I noticed unauthorised debits totalling ₹... on dates... My SIM was swapped without my consent at [time]. I have filed FIR No. ..., NCRP Acknowledgement No. .... As per RBI/2017-18/15 dated 06 Jul 2017 §6.3, I am reporting within 3 working days; my zero-liability claim attaches. Kindly: (a) issue a shadow credit within 10 working days, (b) raise NPCI/IMPS dispute with the beneficiary bank, (c) provide telco-bank API logs for my account. — [Signature, Date].//

1. For UPI: NPCI dispute via your bank.
2. For card: chargeback (TAT 60-90 days).
3. For NEFT/IMPS: bank-to-bank reversal via RBI Centralised Payments.

1. File at https://cms.rbi.org.in.
2. Free. Order in 60-90 days.
3. Compensation up to ₹1 lakh for mental harassment, in addition to refund.

File RTIs to track + push:

• To telco (private — but all listed telcos are public authorities for RTI on certain functions like consumer grievance + KYC compliance under TRAI directives. File via TRAI):

Did your KYC procedure verify the identity of the person re-issuing SIM for my number on date [X]; copy of the KYC form, biometric / OTP log, store ID, employee ID who processed it; reason for issuing without 7-day waiting period.

• To TRAI: Status of audit / penalty action against [Telco] for the SIM swap incident reported under complaint [X]; date of next compliance review.
• To DoT (via Sanchar Saathi): Outcome of TAFCOP request to deactivate SIMs [list]; date the SIMs were deactivated; reason if not yet deactivated.
• To bank: Status of complaint number [W]; date NPCI dispute raised; reply received from beneficiary bank.
• To local police: FIR [No] status; investigating officer; date of next investigation step; status of beneficiary account holder identification.

Use the RTI Drafter for these — drafts all 5 RTIs from your case description.

1. Waiting “to see if SIM auto-restores” — delay costs the zero-liability ceiling.
2. Calling telco from your own (stolen) SIM — it's deactivated. Use a friend's phone.
3. Visiting a random telco store to “fix it” — go to your nearest company-owned store, not a franchisee. Franchisees often colluded in the original swap.
4. Skipping TAFCOP — multiple SIMs in your name = multiple attack surfaces.
5. Skipping CEIR — IMEI block prevents the criminal from re-using your stolen handset.
6. Sharing OTP with a “bank verification officer” — banks never ask for OTP.
7. Trusting Telegram “recovery agents” — second-stage scammers.
8. Not filing FIR — without FIR, banks can refuse zero-liability + telco refuses logs.
9. Re-using the same swapped number for new accounts — open a new bank-linked SIM.

Because KYC at re-issuance is weaker than KYC at fresh issuance. Many fraud cases trace to insider abuse at telco franchisees: a corrupt employee bypasses identity verification for a bribe.

Yes:

• Audit TAFCOP monthly — see all SIMs in your name. Deactivate any you don't recognise.
• Use an authenticator app (Google Authenticator / Authy) for banks that support it, instead of SMS-OTP.
• Different phone numbers for different services — separate bank/UPI from social media.
• Lock Aadhaar biometrics by default.
• Set up SMS-only alerts — many banks email + SMS; if SMS stops while email continues, that's your alarm.

No — you must claim it. Banks don't volunteer the zero-liability refund. You must invoke §6.3 RBI Customer Liability Framework explicitly in writing, within 3 working days. Use the sample letter above.

• Dispute with the lender invoking RBI Customer Liability Framework + KYC failure.
• CIBIL dispute at https://www.cibil.com → Online Dispute → cite the SIM-swap FIR.
• Lender's banking ombudsman if it's a regulated lender.
• Civil suit if lender refuses (rare).

File RTI to TRAI asking for the audit outcome. Telcos are public authorities for RTI on regulatory compliance matters per CIC decisions. Also: TDSAT (Telecom Disputes Settlement Tribunal) for refusal to share.

Yes — under Consumer Protection Act §2(47) for deficiency in service. Also DPDP Act §13 as data fiduciary breach. Compensation: ₹50,000 - ₹5 lakh + actual loss.

Some banks offer cyber-crime insurance as a card-add-on (HDFC Diners Premium, ICICI Sapphiro, SBI Aurum). Check terms — typically covers up to ₹1-5 lakh.

Free help:

• NALSA 15100 — free legal aid + filing.
• Senior Citizens Helpline 14567.
• District Legal Services Authority (DLSA) — physical centres.
• Your Banking Correspondent (BC) can help file at NCRP.

Not inherently — but TAFCOP audit monthly. Max 9 SIMs per Aadhaar. Each SIM is a potential entry point.

Mostly. But change all passwords + revoke session cookies on banking apps + enable app-level biometric login. Ask your bank for a new debit card with a new number.

• Lock Aadhaar biometrics.
• Block PAN temporarily via incometax.gov.in if you suspect IT misuse.
• Monitor CIBIL monthly for unauthorised credit applications.
• Set up account-monitoring alerts at every bank.

No — the telco re-issues YOUR number to YOU after verification (Aadhaar biometric + visit to a company-owned store). Process: 24-48 hours. Some telcos charge ₹0-₹250 for re-issue.

Yes — at https://www.ceir.gov.in → Unblock found mobile. Requires the FIR copy + retrieved phone in your possession.

• Cyber Crime Complaint in India — full process
• UPI Fraud Recovery — Dial 1930 + RBI 3-day rule
• AePS / Aadhaar Biometric Fraud Recovery
• Digital Arrest Scam — 7-minute rescue plan
• Loan App Harassment Recovery
• RTI Drafter — file an RTI to telco / TRAI / police
• Aadhaar Status — biometric lock + mobile update
• Credit Card Charges — every fee, RBI rules

• TAFCOP (DoT — view all SIMs in your name) — https://www.tafcop.dgtelecom.gov.in
• Sanchar Saathi → CEIR (block stolen phone) — https://www.ceir.gov.in
• National Cyber Crime Reporting Portal — https://cybercrime.gov.in
• RBI Customer Liability Framework, 2017 — https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=11040
• RBI Banking Ombudsman (CMS) — https://cms.rbi.org.in
• TRAI Mobile Number Portability — https://www.trai.gov.in/notifications/regulation
• NALSA (free legal aid) — 15100 / https://nalsa.gov.in
• Telco helplines: Airtel 121, Jio 199, Vi 199, BSNL 1503.

SIM swap is the original Indian identity vacuum cleaner — one swap empties your phone, your bank, your loans, your credit. The defence: TAFCOP audit + Aadhaar biometric lock + authenticator app + monthly bank statement review. If hit: 24-hour recovery window, RBI 3-day rule, NPCI dispute, FIR + RTI — in that order.

The RTI Drafter auto-generates the 5 RTIs needed (telco, TRAI, DoT, bank, police) — saves hours.

• Department of Telecommunications — SIM re-issuance directive Aug 2023 + MNP directive Mar 2024.
• TRAI Telecommunication Mobile Number Portability Regulations, 2009 (amended 2019).
• RBI Customer Liability Framework, 2017 (RBI/2017-18/15).
• Bharatiya Nyaya Sanhita, 2023 — §318, §319, §321, §336.
• Information Technology Act, 2000 — §66C, §66D.
• Indian Telegraph Act, 1885 — §25.
• Digital Personal Data Protection Act, 2023.
• NCRB Cyber Crime Report 2024.

Last reviewed: 5 May 2026 — RTI Wiki editorial team.