Phone cloning is the process of copying the identity of one mobile device — its SIM, IMEI, or ESN/MDN numbers — onto another device. This allows a criminal to make calls, receive OTPs, and access online accounts as if they were you. It is a serious form of identity theft. It can result in financial fraud, SIM swap attacks, and loss of access to all your digital accounts. Here is how to detect it and what to do.
What Is Phone Cloning?
Phone cloning differs from phone hacking. Hacking involves extracting login credentials or data remotely through malware or phishing. Cloning involves physically or electronically duplicating your mobile device’s unique identifiers. This allows a second device to operate under your phone number and account credentials. The cloned device receives your calls, SMS OTPs, and 2FA codes. This gives the attacker direct access to your banking, email, and social media accounts.
What Are the Main Methods of Phone Cloning?
AMPS Cloning (Analog Mobile Phones)
Specifically, Advanced Mobile Phone System (AMPS) cloning targets older analog or landline-connected devices. Attackers with specialised radio equipment intercept the handset’s Electronic Serial Number (ESN) and Mobile Directory Number (MDN) over the air, then programme them onto another handset to make fraudulent calls billed to the victim.
CDMA Cloning
Code Division Multiple Access (CDMA) phone cloning uses specialised software to access and modify the device’s embedded file system directory. The attacker changes the ESN or MEID (Mobile Equipment Identifier) of the target phone, effectively making a second device operate under the same identity.
GSM Cloning (Most Common)
GSM cloning targets the IMEI (International Mobile Equipment Identity) number, which uniquely identifies every mobile device. Criminals obtain physical access to the SIM card to extract the IMEI. Alternatively, they use electronic scanners to capture it remotely. Once the criminal clones the IMEI, they can receive calls, intercept OTPs, and conduct SIM swap fraud.
How Can You Tell If Your Phone Has Been Cloned?
- First, repeated notifications to restart your device — Your SIM may be experiencing conflicts because both the original and cloned SIM are active on the same network simultaneously.
- Second, unexpected mobile phone bills — Calls, data, or messages you did not make appearing on your bill indicate that someone else is using your number.
- Also, sudden increase in unknown incoming calls or messages — If people are calling you about conversations you never had, someone is using a duplicate of your SIM.
- Furthermore, device locator shows two locations simultaneously — If “Find My Phone” (Android) or “Find My iPhone” (Apple) shows your device in two different locations at the same time, your phone identity has been cloned.
- Moreover, inability to receive calls or messages — If your phone suddenly stops receiving incoming calls, a cloned SIM may have taken over your number that is active on the network.
- Additionally, OTPs arriving without your request — Receiving banking or login OTPs you did not initiate means someone is using your number to trigger authentication codes.
What Data Is at Risk When Your Phone Is Cloned?
- Email accounts — Attackers use your phone number to reset email passwords, locking you out entirely.
- Social media accounts — WhatsApp, Instagram, Facebook, and other platforms linked to your phone number are immediately at risk.
- Banking and UPI accounts — The attacker intercepts OTPs and authorisation codes, enabling fund transfers, new payee additions, and loan applications in your name.
- E-commerce accounts — Criminals can access Amazon, Flipkart, and other accounts for fraudulent purchases.
What Should You Do If Your Phone Has Been Cloned?
- First, contact your mobile operator immediately — Request an emergency SIM block and deactivation of any duplicate SIM cards issued on your number.
- Second, inform your bank — Request a temporary freeze on your account and report any unauthorised transactions. RBI guidelines provide liability protection when you report fraud promptly.
- Also, change passwords for all critical accounts — Change all email, banking, and social media passwords from a secure, unaffected device.
- Furthermore, enable app-based 2FA — Switch from SMS-based two-factor authentication to an authenticator app, which SIM cloning cannot intercept.
- Finally, file a police complaint — Visit the nearest cyber crime police station or file a complaint at cybercrime.gov.in.
- Call the cyber crime helpline — Dial 1930 to report the fraud and initiate recovery proceedings.
For professional forensic investigation and digital evidence collection, contact cyber expert Anuraag Singh.
