- Nine scammers were arrested in the US and face imprisonment penalties for SIM swapping.
- The scammers were collaborating to port SIM numbers and steal online accounts.
- The total gains in cryptocurrencies for the whole group are estimated to be about $2.4 million.
Eight Americans and one Irishman who allegedly belong to the same group of SIM Swapping scammers called “The Community” have been arrested and charged of conspiracy to commit wire fraud. Each of the defendants now faces a maximum penalty of twenty years of imprisonment, and considering the judicial precedent, they are unlikely to drop below ten years. The act of SIM swapping is one that is strictly punished by courts because of its highly deceitful nature and the resulting profits that are enjoyed by the fraudsters. In this particular case, “The Community” has allegedly made more than $2.4 million in cryptocurrencies, after extorting their victims to give them back access to their various online accounts.
The whole idea of SIM swapping is to trick the agent of the victim’s mobile phone carrier into porting the number to another SIM, which is held by the scammer. If the attacker is able to provide information that confirms the identity of the victim, the confirmation process goes well and the SIM swapping takes place. From there on, the scammer uses 2FA to gain access to all of the victim’s online accounts, changes the login credentials, and then asks for a ransom to give the accounts back to the victim.
The arrested men who are accused of being involved in SIM swapping are the following:
- Ryan Stevenson (Phobia), 26, Connecticut
- Colton Jurisic (Forza), 20, Iowa
- Ricky Joseph Handuschumacher, 25, Florida
- Conor Freeman, 20, Dublin
- Reyad Gafar Abbas, 19, New York
- Garrett Endicott, 21, Missouri
- Jarratt White, 22, Arizona
- Robert Jack, 22, Arizona
- Fendley Joseph, 28, California
Now, the worrying part is that the last three were working in mobile phone stores, and they were collaborating with the other six scammers to perform the SIM swaps. This means that the procedure of having to convince the operator that you are who you claim you are (the rightful owner of the SIM number) was thrown out of the window entirely.
If that is the case, then what could you do to protect yourself? Call your carrier today, and ask about what measures they have in place to minimize the risk of fraudulent SIM swapping. Some offer an optional confirmation step, others can activate an extra security passcode step, and others provide a post-validation feature. If you are using SMS-based 2FA to protect valuable accounts, consider your options and pick one that suits you.