Overview

• Police cyber unit reports incidents in several regions involving duplicate corporate SIM cards issued on falsified IDs or powers of attorney.
• Once a duplicate is activated, the original SIM is disabled, placing a company’s internal telephony and messaging under criminal control.
• Access to the master SIM enables interception of SMS login codes, internal and external phishing, call‑routing changes, and withdrawal of funds from the PBX account.
• The ministry urges companies to enable operator alerts on any number changes, turn on two‑factor authentication for PBX admin access, and restrict who can request SIM replacements.
• After the warning, a State Duma lawmaker pressed operators to toughen identity verification and oversight when issuing SIM duplicates.