Thursday, January 21, 01:02
Home security Europe: An alarming increase in SIM Swapping scams!

Europe: An alarming increase in SIM Swapping scams!

In March 2020, Europol announced that it had arrested dozens of people suspected of draining bank accounts. infringement victims' phone numbers via SIM Swapping fraud. The Romanian National Police (Poliția Română) and the Austrian Forensic Intelligence Service (Bundeskriminalamt), with the support of Europol, conducted an eight-month investigation that resulted in the arrest of 14 members of a criminal gang that "emptied" banks accounts in various countries in Europe, such as Austria, gaining control of victims' phone numbers by SIM Swapping fraud.

Europe-SIM Swapping scam

The way this SIM Swapping fraud gang operates in Europe is simple. Specifically, after gaining control of a victim's phone number, the hackers they used stolen banknotes credentials to connect to a banking application, in order to create a cash transaction, which they then validated with a one-year password, which was sent by the bank via SMS, allowing them to withdraw money from an ATM without a card.


It is estimated that this gang, which focused on Europe, managed to steal more than half a million pounds from unsuspecting bank account holders. This case, along with another Europol investigation in January 2020, in which suspects were found throughout Spain to be members of a ring that stole more than εκατο 3 million in a series of SIM Swapping attacks, highlighted the growing frequency of the agency. attack.


As SIM Swapping fraud requires significant effort and cost from attackers, it is increasingly being targeted at individuals who hold positions of prestige and influence both in Europe and abroad. It is therefore important to understand the method of these attacks. At this point it is useful to mention the possible formula of the attack but also how one can understand if he has received a SIM Swapping fraud.

SIM Swapping scam

Attacks usually use blackmail, bribery or social engineering an employee of a mobile service provider, to take advantage of their access to customer information or even the mobile network itself. Another method is to build a target profile that contains sufficient PII (personally identifiable information) for authentic authentication to the target cell phone operator. This can be achieved through data breach of the service provider or through the collection of breaches data PII. The signs of the attack are that the affected phones cannot make or receive calls and probably do not have access to emergency services. In addition, intruders take over subscriber accounts online. Unexpected messages may also appear e-mail related to password reset, account connections or phone number changes before successful download.

How can SIM Swapping attacks be mitigated?

The worrying aspect of any SIM Swapping scam is that the victim usually hasn't done something they shouldn't, so in that sense, it's hard to be very careful. For example, it has not clicked on a link that was included in one Phishing email, nor has it been directed to a fake site. His phone just stopped working. The problem probably arose because an employee of the mobile phone company was deceived by the intruder to reissue the SIM card, which was then used by the hacker to retrieve the number.

However, there are ways to avoid such attacks. It is important for individuals to create a PIN code on their mobile phone account. This may add a protective limit to attacks that have targeted their PII. Unfortunately, this does not protect against malicious insiders.

scam

Another option is to prioritize two-factor authentication over SMS-based authentication applications. Applications such as Google Authenticator, Okta and Authy can be associated with a peripheral device, not just a phone number.

One advantage, apart from the fact that an SMS message has not been compromised, is that the person will have all the passwords in a central location and that they are constantly available, even when the phone is offline.

Other ways to mitigate SIM Swapping attacks also include using a natural identity check key for critical accounts and securing vigilance, as significant service interruptions, such as failed message delivery, must be addressed urgently with reference to service provider status. monitoring online account passwords and controlling bank account transactions.

SIM Swapping scams increase alarmingly, while criminal activities take place that exploit his pandemic COVID-19, it is important to note that SIM Swapping is a key reason why a phone number may not be the best verifier of a person's identity, as it represents a "hole" in the authentication process. Finally, adding levels of protection could help protect the identities and accounts of cybercriminals.

1 COMMENT

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Pohackontas
Pohackontashttps://www.secnews.gr
Every accomplishment starts with the decision to try.

LIVE NEWS

00:02:09

Donald Trump: Thanks to Lil Wayne, not to Julian Assange!

Outgoing US President Donald Trump will award today thanks to rapper Lil Wayne in a final wave of pardon that ...
00:02:28

NASA: Uses AI to locate new craters on Mars

https://www.youtube.com/watch?v=e8qCSD3fA50 Τα τελευταία 15 χρόνια, το Mars Reconnaissance Orbiter της NASA περιφέρεται γύρω από τον Άρη μελετώντας...

Windows 10: How to view recently installed updates

Microsoft frequently updates Windows 10, but it is not always clear when each update is installed. Fortunately, there are two easy ways ...

Lorex launches a bell with a 2K camera that detects faces

Lorex launches a new device for smart homes - the bell called "2K QHD Wired Video Doorbell with Person ...

Security awareness is not enough to deal with threats

Significant changes have been made in recent years in dealing with cyber threats. The human factor is now taken seriously in safety. For example,...

MeWe: Gained 2,5 million users in one week!

The social networking platform MeWe saw the number of its users increase significantly after the WhatsApp scandal.

Fake collaboration apps "infect" employees and steal data!

With the outbreak of the COVID-19 pandemic, a large percentage of organizations have experienced malware attacks on remote devices as employees work ...

LG is considering leaving the smartphone sector in 2021

After losing about $ 4,5 billion in the last five years, the smartphone company LG struggled to compete with its rivals. He...

Steve Jobs: Statue in the National Garden of American Heroes by Trump!

The American government decided to place a statue in honor of the co-founder and former CEO of Apple, Steve Jobs, in the National Park ...

Terminology 1.9: New Linux Terminal Emulator with more colors

Boris Faure announced a new version of Terminology 1.9 of the terminal emulator for Linux operating systems. For those who do not ...