Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Sim Hijacking. Show all posts

Spanish Police Arrested SIM Swappers who Stole Money from Victims Bank Accounts

 

The Spanish National Police have arrested eight suspected members of a criminal organisation who used SIM swapping assaults to steal money from the victims' bank accounts. 

SIM switching assaults are used by criminals to get control of victims' phone numbers by duping mobile operator workers into transferring their numbers to SIMs controlled by the fraudsters. The attackers can steal money, cryptocurrency, and personal information, including contacts linked with online accounts, once a SIM has been stolen. Criminals could take over social media accounts and utilise SMS to circumvent 2FA services utilized by online services, including financial services. 

In the incident under investigation by Spanish police, the cybercriminal gained the victims' personal information and bank details via fraudulent emails in which they pretended to be their bank. The fraudsters were able to falsify the victims' official documents and use them to dupe phone store staff into issuing them with replica SIM cards. They were able to overcome SMS-based 2FA needed to access bank accounts and take the money once they had the SIM cards. 

The press release published by the Spanish National Police stated, “Agents of the National Police have dismantled a criminal organization dedicated, presumably, to bank fraud through the duplication of SIM cards. There are eight detainees based in Catalonia and acting throughout Spain who, through malicious messages and posing as a bank, obtained personal information and bank details to access the accounts of the victims whose identity they usurped through the falsification of official documents. With this, they deceived the employees of phone stores to obtain duplicate SIM cards and, in this way, have access to the bank’s security confirmation messages. In this way they could operate in online banking and access bank accounts to empty them after receiving security confirmation messages from the banks.”

The first SIM swapping attack linked to this group occurred in March 2021, when Spanish authorities received two reports about fraudulent transactions in different parts of the country. Crooks used bank transfers and digital quick payment services based in the region of Barcelona to launder the stolen funds. Seven people were arrested in Barcelona and one in Seville as a byproduct of the operation. The suspects' bank accounts were also banned by the authorities. 

The FBI announced this week that SIM swap attacks have increased, with the objective of stealing millions of dollars from victims by hijacking their mobile phone numbers. According to the FBI, US individuals have lost more than $68 million as a result of SIM switching assaults in 2021, with the number of complaints and damages nearly doubling since 2018. The FBI's Internet Crime Complaint Center (IC3) received 1,611 SIM switching assault reports in 2018, compared to 320 complaints between 2018 and 2002, resulting in a total loss of $12 million. 

Individuals should take the following steps, as per the FBI: 

• Do not post details regarding financial assets, such as bitcoin ownership or investment, on social networking platforms or forums. 
• Do not disclose the mobile number account details to representatives who ask for the account password or pin over the phone. Verify the call by calling the mobile carrier's customer support number. • Posting personal information online, such as your phone number, address, or other identifying information, is not a good idea. 
• To access online accounts, use a variety of unique passwords. 
• Any changes in SMS-based connectivity should be noted. 
• To gain access to online accounts, use strong multi-factor authentication solutions such as biometrics, physical security tokens, or standalone authentication software. 
• For easy login on mobile device applications, do not save passwords, usernames, or other information. 

On the other hand, mobile providers should take the following safety measures, according to the FBI: 

• Employees should be instructed and training sessions on SIM swapping should be held. 
• Examine incoming email addresses containing formal correspondence for minor differences that could make fraudulent addresses appear real and match the names of actual clients. 
• Establish stringent security standards that allow workers to effectively check customer credentials before transferring their phone numbers to a new device.

Understand how SIM Swapping can easily be used to hack your accounts!

We've all heard about sim swapping, SIM splitting, simjacking or sim hijacking- the recent trend with cybercriminals and now a study by Princeton University prooves the vulnerability of wireless carriers and how these SIM swapping has helped hackers ease their hands into frauds and crimes.



SIM swapping gained quite an attention when Twitter CEO Jack Dorsey’s account was hacked on his own platform. A study by Princeton University has revealed that five major US wireless carriers - AT&T, T-Mobile, Verizon, Tracfone, and US Mobile - are susceptible to SIM swap scams. And this sim hijacking is on a rise in developing countries like Africa and Latin America.

What is SIM swapping? 

SIM swapping is when your account is taken over by someone else by fraud through phone-based authentication usually two-factor authentication or two-step verification. This could give the hacker access to your email, bank accounts, online wallets and more.

How does the swap occur? 

In a SIM swap, scammers exploit the second step in two-factor verification, where either a text message or a call is given to your number for verification.

Citywire further explains the process, "Usually, a basic SIM-card swapping work when scammers call a mobile carrier, impersonating the actual owner and claiming to have lost or damaged their SIM card. They then try to convince the customer service representative to activate a new SIM card in the fraudster’s possession. This enables the fraudsters to port the victim’s telephone number to the fraudster’s device containing a different SIM."

After accessing the account, the scammers can control your email, bank accounts, online wallets and more.

 Detecting SIM swapping attack

• The first sign is if your text messages and cell phones aren't functioning, it's probable that your account is hijacked.

• If the login credentials set by you stop working then it's probably a sign that your account has been taken over. Contact your telecom provider and bank immediately.

• If you get a message from your telecom provider that your SIM card has been activated on another device, be warned it's a red sign.

Food blogger Jack Monroe lost 5000 Euros in phone number theft



"I lost 5000 Euros when my phone number was hacked and re-used on another sim card," says Jack Monroe. The culprits then successfully received her two-time verification information and obtained her bank and cash records."I was already concerned about the safety and had several steps in check," said Jack in a tweet. The industry was not able to address the "sim-jacking," says a privacy campaigner. The blogger expressed her anger in a tweet when she was told, 'although she would get her mobile number back in no time, the amount stolen will take time to refund.' "The cash taken has cost me very much - I'm a self-engaged freelancer and I have to work for every cent that I make," she tweeted.

The food writer is recognized for her cost-effective recipes and her support for campaigns against poverty. Sim-jacking, or Sim-swapping, is when culprits switch a mobile number with another Sim and use it as their own. This is done by criminals pretending as a consumer who wants to shift to a separate mobile service provider but doesn't want to change the phone number.

While personal information is required before requesting a sim transfer, the information is sometimes already available on the internet. - In this case, Ms. Monroe's date of birth, for instance, was retrieved from the internet. In other cases, the shop keepers or sim providers are often tipped for sim-jacking.

The first sign of sim hijacking for the victim is when their phone stops functioning. "The cases of sim-swapping in England are rare but there have been instances in other parts of the world. The industry is unable to combat the problem of sim-jacking," said Pat Walshe, Director, Privacy Matters, to BBC. The task of sim swapping is not common but one can do it easily if they want to, says Pat.

If ever caught in sim-jacking, the victims should always report the incident to their mobile operator or the ICO (Information Commissioner's Office). "The case should now push the ICO to inquire whether mobile operators and shop owners are actively following the protocol to protect services and data under telecommunication privacy laws," said Pat. The Global System for Mobile Communications, commonly known as 'GSMA' has made an alternative mobile identification verifier known as Mobile Connect. The ICO has been contacted by BBC, regarding the data theft problems.

Sim swapping attacks hit US cryptocurrency users

Something strange happened last week, with tens of US-based cryptocurrency users seeing SIM swapping attacks.

Numerous members of the cryptocurrency community have been hit by SIM swapping attacks over the past week, in what appears to be a coordinated wave of attacks.

SIM swapping, also known as SIM jacking, is a type of ATO (account take over) attack during which a malicious threat actor uses various techniques (usually social engineering) to transfers a victim's phone number to their own SIM card.

The purpose of this attack is so that hackers can reset passwords or receive 2FA verification codes and access protected accounts.

These types of attacks have been going on for half a decade now, but they've exploded in 2017 and 2018 when attackers started focusing on attacking members of the cryptocurrency community, so they could gain access to online accounts used for managing large sums of Bitcoin, Ethereum, and other cryptocurrencies.

But while these attacks were very popular last year, this year, the number of SIM swapping attacks appeared to have gone down, especially after law enforcement started cracking down and arresting some of the hackers involved in these schemes.

Something happened last week

But despite a period of calm in the first half of the year, a rash of SIM swapping attacks have been reported in the second half of May, and especially over the past week.

Several users tweeted their horrific experiences.

Some of them have publicly admitted to losing funds, such as Sean Coonce, who penned a blog post about how he lost over $100,000 worth of cryptocurrency due to a SIM swapping attack.

Some victims avoided getting hacked

Some other victims candidly admitted to losing funds, while others said the SIM swapping attacks were unsuccessful because they switched to using hardware security tokens to protect accounts, instead of the classic SMS-based 2FA system.

Hackers charged with stealing $ 2.4 million



A group of hackers from the cybercrime group known as “The Community” charged in the U.S for “Sim Hijacking” attack and commit wire fraud along with 3 former employees of mobile phone providers.

All the 6 members of “The community ” group alleged to have participated in thefts of victims’ identities and used the data to steal cryptocurrencies via SIM Hijacking attack also known as SIM Swapping.

“SIM Hijacking” or “SIM Swapping” is an identity theft technique that exploits a common cyber-security weakness – mobile phone numbers.

This special technique used by hackers to gain control of victims’ mobile phone number in order to route the victims mobile traffic such as phone calls and short message service (“SMS”) messages through the devices controlled by “The Community”.

According to the fifteen-count indictment unsealed, SIM Hijacking was accomplished by a member of “The Community” contacting a mobile phone provider’s customer service—posing as the victim—and requesting that the victim’s phone number be swapped to a SIM card (and thus a mobile device) controlled by “The Community”. Later, Hijacked new SIM will be used as a gateway to gain control of online accounts such as a victim’s email, cloud storage, and cryptocurrency exchange accounts.

Here is the list of 6 “The Community” 3 former employee of mobile phone provider.

Conor Freeman, 20, of Dublin, Ireland

Ricky Handschumacher, 25 of Pasco County, Florida

Colton Jurisic, 20 of, Dubuque, Iowa

Reyad Gafar Abbas, 19, of Rochester, New York

Garrett Endicott, 21, of Warrensburg, Missouri

Ryan Stevenson, 26, of West Haven, Connecticut

Charged in the criminal complaint were:

Jarratt White, 22 of Tucson, Arizona

Robert Jack, 22of Tucson, Arizona

Fendley Joseph, 28, of Murrietta, California