Back to blog
Securitate Digitala
7 min

SIM Swap Fraud in Thailand: How Attackers Drain Your Bank Through AIS, TRUE, and DTAC

Understand how SIM swap fraud works in Thailand targeting AIS, TRUE, and DTAC customers. Learn the full attack chain from SIM swap to banking drain, plus carrier-specific protection steps.

LOCK.PUB
2026-03-17

SIM Swap Fraud in Thailand: How Attackers Drain Your Bank Through AIS, TRUE, and DTAC

SIM swap fraud is one of the most devastating cyberattacks targeting Thai consumers. Unlike phishing, which requires you to click a link or share information, a SIM swap can happen without any action on your part. The attacker convinces your mobile carrier to transfer telefonul tau number to a new SIM card — and suddenly, they receive every call, SMS, and OTP code meant for you.

In Thailand, where mobile banking and e-wallets depend heavily on SMS-based OTP verification, a successful SIM swap can empty cont bancars in minutes.

The SIM Swap Attack Chain

Understanding the full attack chain helps you spot and stop it at any stage.

Stage 1: Information Gathering

The attacker collects your informatii personale through:

  • Social media profiles (name, birthday, phone number)
  • Data breaches (leaked databases sold on dark web)
  • Phishing attacks (fake forms that collect your ID number)
  • Physical observation (looking over your shoulder at a carrier store)

Stage 2: The SIM Swap

Armed with your personal details, the attacker approaches a carrier store or calls customer service. They claim to be you and request a SIM replacement, citing a "lost" or "damaged" phone. In some cases, corrupt carrier employees facilitate the swap for a bribe.

Stage 3: OTP Interception

Once the new SIM is activated, telefonul tau loses all signal. The attacker now receives:

  • All SMS messages, including banking OTPs
  • Phone calls, including bank verification callbacks
  • Password reset codes for email, social media, and apps

Stage 4: Account Takeover and Drain

The attacker moves quickly:

  1. Resets your mobile banking password using SMS OTP
  2. Logs into SCB EASY, K PLUS, Bualuang, or other banking apps
  3. Transfers money to mule accounts via PromptPay
  4. Drains your TrueMoney Wallet, Rabbit LINE Pay, or other e-wallets
  5. Changes passwords on e-mailul tau and social media to lock you out

Total time from SIM swap to empty accounts: often under 15 minutes.

Attack Chain Timeline

Stage What Happens Time Your Warning Sign
1. Info Gathering Attacker collects datele tale Days-weeks None (silent)
2. SIM Swap (สวอปซิม) Your number moves to new SIM 5-30 minutes Phone loses signal suddenly
3. OTP Capture Attacker receives your OTPs Immediate You stop receiving SMS
4. Bank Drain Money transferred out 5-15 minutes Bank notifications (if email)
5. Lockout Passwords changed on all accounts 10-30 minutes Cannot log in anywhere

Carrier-Specific Protection Steps

AIS (1175)

  1. Set a SIM lock PIN — Visit any AIS shop to set a PIN required for SIM changes
  2. Enable AIS Secure — Additional identity verification for account changes
  3. Register biometric verification — Visit an AIS flagship store to add fingerprint verification
  4. Limit self-service changes — Request that SIM swaps require in-person ID verification only
  5. Monitor your AIS account — Check myAIS app regularly for unusual activity

TRUE (1242)

  1. Set a SIM change PIN — Request a specific PIN for SIM replacement at any TRUE store
  2. Enable TrueID verification — Link your TrueID account for additional security
  3. Request in-person only SIM swaps — Ask TRUE to flag contul tau so swaps require physical presence
  4. Register your SIM with current ID — Ensure your registration details are up to date
  5. Enable TRUE account notifications — Get alerts for any account changes

DTAC (1678)

  1. Set a security PIN — Visit a DTAC center to establish a PIN for SIM changes
  2. Request enhanced verification — Ask for additional ID requirements for any SIM operations
  3. Keep contul tau details updated — Outdated information makes social engineering easier
  4. Monitor through dtac app — Check for unauthorized changes regularly
  5. Enable alerts — Turn on notifications for account modifications

Ce sa faci daca suspectezi un SIM swap

The moment telefonul tau unexpectedly loses signal (not from being in a basement or dead zone), act immediately:

  1. Use another phone to call your carrier — AIS: 1175, TRUE: 1242, DTAC: 1678
  2. Ask if a SIM swap was requested — If yes, demand immediate reversal
  3. Call your banks — Freeze all accounts linked to telefonul tau number
  4. Change all passwords — Email, banking, social media (from a different device)
  5. Alert TrueMoney, Rabbit LINE Pay and any other e-wallets
  6. File a police report — thaipoliceonline.com or local station
  7. Call 1441 — Anti-Online Scam Operation Center

Protect Your Recovery Information

Your phone number is a single point of failure for most account security. When you need to store backup coduri de recuperare, alternative contact numbers, or emergency access information, do not keep them in LINE chats or phone notes that disappear with your SIM. Use LOCK.PUB to create encrypted, protejat cu parola memos that you can access from any device. Store your 2FA coduri de backup, recovery emails, and emergency contacts in a secure memo that only you can unlock.

Advanced Protection Against SIM Swap

Reduce SMS Dependency

  • Use app-based 2FA (Google Authenticator, Microsoft Authenticator) instead of SMS OTP where possible
  • Enable push notifications from banking apps as an alternative verification method
  • Set up email-based alerts as a backup notification channel

Limit Your Exposure

  • Do not post telefonul tau number on social media or public forums
  • Use a separate phone number for banking and financial services
  • Be cautious with caller ID — Scammers can spoof any number
  • Shred documents containing telefonul tau number and carrier details

Monitor Continuously

  • Check your carrier account weekly for unauthorized changes
  • Test telefonul tau signal if you know you are in good coverage and it drops
  • Set up bank transaction alerts via email (not just SMS)
  • Review your credit report at the National Credit Bureau periodically

Concluzia

SIM swap fraud is particularly dangerous because it exploits a weakness in the telecom system, not in your behavior. The best defense is proactive: set SIM change PINs with your carrier, reduce dependence on SMS-based OTP, and act within minutes if telefonul tau loses signal unexpectedly.

For storing critical recovery information securely, visit LOCK.PUB to create free encrypted memos that only you can access with a password.

Keywords

SIM swap Thailand
SIM swap fraud AIS
SIM swap TRUE DTAC
สวอปซิม
OTP interception Thailand
mobile banking fraud Thailand
SIM hijacking
Thailand telecom fraud

You might also like

SIM Swap Attacks Targeting Kyivstar, Vodafone UA, and lifecell Customers

How SIM swap fraud works in Ukraine, targeting customers of Kyivstar, Vodafone Ukraine, and lifecell. Learn how criminals hijack telefonul tau number to access banking and Diia accounts.

Securitate Digitala

Bangladesh Freelancer Payment Security: Protecting Your Earnings on Upwork, Fiverr, and bKash

A guide for Bangladeshi freelancers on securing payments from Upwork, Fiverr, and other platforms. Learn to protect bKash withdrawals, avoid payment scams, and safeguard your income.

Securitate Digitala

Online Banking Security in Bangladesh: Protecting Your DBBL, City Bank, and BRAC Cont Bancars

Learn how to protect your online banking accounts from phishing, app fraud, and credential theft targeting Dutch-Bangla Bank, City Bank, BRAC Bank, and other Bangladeshi banks.

Securitate Digitala

Create your password-protected link now

Create password-protected links, secret memos, and encrypted chats for free.

Get Started Free
SIM Swap Fraud in Thailand: How Attackers Drain Your Bank Through AIS, TRUE, and DTAC | LOCK.PUB Blog