Spain’s National Police Agency, the Policía Nacional, said last week it dismantled an unnamed cybercriminal organization and arrested eight individuals in connection with a series of SIM swapping attacks that were carried out with the goal of financial fraud.
The suspects of the crime ring masqueraded as trustworthy representatives of banks and other organizations and used traditional phishing and smishing techniques to obtain personal information and bank data of victims before draining money from their accounts.
“They usurped the identity of their victims through the falsification of official documents and tricked employees of telephone stores into getting the duplicate of SIM cards, cards where they received security confirmation messages from banks that allowed them to empty their victims’ accounts,” the authorities said.
Seven of the arrests were made in Barcelona and one in Seville. As many as 12 bank accounts were frozen as part of the illicit operation. The first known instance of fraud attributed to the gang is said to have occurred in March 2021.
SIM swapping, also known as SIM hijacking, is a malicious technique wherein criminal actors target mobile carriers to gain access to victims’ bank accounts, virtual currency accounts, and other sensitive information. The SIM swap is often facilitated through social engineering, insider threat, or phishing techniques.
The scheme involves an attacker impersonating a victim and tricking the mobile carrier into switching the victim’s mobile number to a SIM card under their control. Alternatively, this can also be achieved by bribing an employee of the mobile carrier or tricking the employees into downloading malware used to break into systems and conduct the SIM swaps.
Once the phone numbers are ported, threat actors leverage the “identity” to perform account resets, bypass SMS-based two-factor authentication protections, and seize control of the target’s online accounts.
images from Hacker News