In March 2020, Europol announced that it had arrested dozens of people suspected of draining bank accounts. infringement victims' phone numbers via SIM Swapping fraud. The Romanian National Police (Poliția Română) and the Austrian Forensic Intelligence Service (Bundeskriminalamt), with the support of Europol, conducted an eight-month investigation that resulted in the arrest of 14 members of a criminal gang that "emptied" banks accounts in various countries in Europe, such as Austria, gaining control of victims' phone numbers by SIM Swapping fraud.
The way this SIM Swapping fraud gang operates in Europe is simple. Specifically, after gaining control of a victim's phone number, the hackers they used stolen banknotes credentials to connect to a banking application, in order to create a cash transaction, which they then validated with a one-year password, which was sent by the bank via SMS, allowing them to withdraw money from an ATM without a card.
It is estimated that this gang, which focused on Europe, managed to steal more than half a million pounds from unsuspecting bank account holders. This case, along with another Europol investigation in January 2020, in which suspects were found throughout Spain to be members of a ring that stole more than εκατο 3 million in a series of SIM Swapping attacks, highlighted the growing frequency of the agency. attack.
As SIM Swapping fraud requires significant effort and cost from attackers, it is increasingly being targeted at individuals who hold positions of prestige and influence both in Europe and abroad. It is therefore important to understand the method of these attacks. At this point it is useful to mention the possible formula of the attack but also how one can understand if he has received a SIM Swapping fraud.
Attacks usually use blackmail, bribery or social engineering an employee of a mobile service provider, to take advantage of their access to customer information or even the mobile network itself. Another method is to build a target profile that contains sufficient PII (personally identifiable information) for authentic authentication to the target cell phone operator. This can be achieved through data breach of the service provider or through the collection of breaches data PII. The signs of the attack are that the affected phones cannot make or receive calls and probably do not have access to emergency services. In addition, intruders take over subscriber accounts online. Unexpected messages may also appear e-mail related to password reset, account connections or phone number changes before successful download.
How can SIM Swapping attacks be mitigated?
The worrying aspect of any SIM Swapping scam is that the victim usually hasn't done something they shouldn't, so in that sense, it's hard to be very careful. For example, it has not clicked on a link that was included in one Phishing email, nor has it been directed to a fake site. His phone just stopped working. The problem probably arose because an employee of the mobile phone company was deceived by the intruder to reissue the SIM card, which was then used by the hacker to retrieve the number.
However, there are ways to avoid such attacks. It is important for individuals to create a PIN code on their mobile phone account. This may add a protective limit to attacks that have targeted their PII. Unfortunately, this does not protect against malicious insiders.
Another option is to prioritize two-factor authentication over SMS-based authentication applications. Applications such as Google Authenticator, Okta and Authy can be associated with a peripheral device, not just a phone number.
One advantage, apart from the fact that an SMS message has not been compromised, is that the person will have all the passwords in a central location and that they are constantly available, even when the phone is offline.
Other ways to mitigate SIM Swapping attacks also include using a natural identity check key for critical accounts and securing vigilance, as significant service interruptions, such as failed message delivery, must be addressed urgently with reference to service provider status. monitoring online account passwords and controlling bank account transactions.
SIM Swapping scams increase alarmingly, while criminal activities take place that exploit his pandemic COVID-19, it is important to note that SIM Swapping is a key reason why a phone number may not be the best verifier of a person's identity, as it represents a "hole" in the authentication process. Finally, adding levels of protection could help protect the identities and accounts of cybercriminals.