Select Page

Europol, along with the Spanish and the Romanian national police, has arrested 26 individuals in connection with the theft of over €3.5 million ($3.9 million) by hijacking people’s phone numbers via SIM swapping attacks.

The law enforcement agencies arrested 12 and 14 people in Spain and Romania, respectively, as part of a joint operation against two different groups of SIM swappers, Europol said.

The development comes as SIM swapping attacks are emerging as one of the biggest threats to telecom operators and mobile users alike. The increasingly popular and damaging hack is a clever social engineering trick used by cybercriminals to persuade phone carriers into transferring their victims’ cell services to a SIM card under their control.

The SIM swap then grants attackers access to incoming phone calls, text messages, and one-time verification codes (or one-time passwords) that various websites send via SMS messages as part of the two-factor authentication (2FA) process.

As a result, a fraudster can impersonate a victim with an online account provider and request that the service sends account password-reset links or authentication code to the SIM-swapped device controlled by the cybercriminals, using which the bad actor can reset the victim account’s log-in credentials and access the account without authorisation.

images from Hacker News