Search This Blog

Powered by Blogger.

Blog Archive

Labels

US Scammers Charged in SIM Swapping and Vishing Scam

Sacmmers tricked AT&T employee after SIM swapping his phone number in June 2019.

 

The Maryland District Attorney’s Office has sentenced twenty-year-old Kyell Bryan from Pennsylvania, one of the two conspirators to grave identity theft for a SIM swap and cryptocurrency theft. 

According to the first indictment, Bryan conspired with Jordan K. Milleson and stole over 16,000 worth of cryptocurrency from a wireless carrier employee after SIM swapping his phone number in June 2019. The two were active members of the OGUsers trade forum, which employed similar phishing attacks against Twitter and other organizations, usually with the motive to steal financial credentials.

Later in 2019, the officials discovered leaked messages from OGUsers which suggested that Bryan asked another member's help for designing a website similar to T-Mobile’s employee login page. The stolen credentials were used to perform unauthorized SIM swaps and redirect their target’s phone number to evade the two-factor authentication process that is supposed to protect accounts. After successful swapping, Bryan directed his partner to transfer a cryptocurrency worth $ 16,847.47 from the victim’s account. 

Interestingly, the scheming partnership turned into a business dispute after Bryan and other accomplices suspected that Milleson failed to share the proceeds of a digital currency theft. After discovering the conspiracy, he called the Baltimore County police and reported falsely that he was at Milleson’s home address with a gun, saying he shot his father and threatened to shoot himself. 

When officers spoke to Milleson’s relative, they told them about a previous phone call claiming Milleson had stolen $ 20,000. Earlier in May 2021, Milleson was sentenced to two years in federal prison and paid $ 34,329.01.

“During the call, Bryan, posing as the purported shooter, threatened to shoot himself and to shoot at police officers if they attempted to confront him. The call was a ‘swatting’ attack, a criminal harassment tactic in which a person places a false call to authorities that will trigger a police or special weapons and tactics (SWAT) team response — thereby causing a life-threatening situation,” reads a statement from the U.S. Attorney’s Office for the District of Maryland. 

Earlier this week, Bryan pleaded guilty and is due to be sentenced in January 2022 to two years in federal prison after a year of supervised release. As part of his plea agreement, Bryan is sentenced to pay $ 16,847.47.
Share it:

Cyber Fraud

SIM Swapping

User Security

Vishing Campaign