SIM swapping attacks on the rise

July and August have had a wave of incidents involving SIM swapping. As reported by security researcher Brian Krebs on his popular cybersecurity blog, the recent arrest of an alleged SIM swapper in Santa Clara, Calif., is the third incident recently involving such crimes. The perpetrator in question, 19-year-old Xzavyer Clemente Narvaez, was taken into custody on August 17 following an investigation from Santa Clara County’s “REACT task force.”

The charges against Narvaez are serious and if he is convicted could carry a strong sentence. To understand why this is the case, it is vital to understand what SIM swapping is and why it is so malicious to prosecutors. A SIM swap is a rather complex social engineering attack in which an attacker gains banking details and the cell number of a victim through phishing. The attacker then impersonates the victim when contacting the cellular provider and requesting a new SIM card to replace a “lost or stolen” one. If the company takes the bait, then they will deactivate the victim’s SIM card and the attacker will use the victim’s phone to make transactions since all banking notices via SMS are now routed to the attacker’s phone.

SIM swapping was lucrative for Narvaez. As Brian Krebs reports, the teenager was allegedly able to do the following with his ill-gotten gains:

Prosecutors allege Narvaez used the proceeds of his crimes (estimated at > $1 million in virtual currencies) to purchase luxury items, including a McLaren — a $200,000 high-performance sports car. Investigators said they interviewed several alleged victims of Narvaez, including one man who reported being robbed of $150,000 in virtual currencies after his phone number was hijacked.”

As was stated earlier, this is the third arrest of a suspected SIM swapper in just the span of two months. As Bleeping Computer reports, the other arrests were of 20-year-old Joel Ortiz, who was apprehended in July by the FBI in the city of Boston. Ortiz had allegedly gained roughly $5 million in cryptocurrency and also admitted to having accomplices. The second arrest came in Florida when authorities apprehended 25-year-old Ricky Joseph Handschumacher who, along allegedly with a group of nine co-conspirators, was able to attack CEOs and other high-ranking businessmen.

The common thread that connects all of these alleged crimes, according to the Bleeping Computer report, is an internet forum called OGUSERS where SIM swappers brag about their scores and also trade account information of the victims they hacked. This will not be the last we hear of these types of attacks as 2017 also saw a large uptick in such attacks, leading to mainstream media coverage.

If your phone suddenly stops working, especially with regards to SMS messaging, take heed that this could be a sign of a SIM swapping attack. Contact your cellular provider and your bank as soon as possible to ensure that you are not ripped off.

Featured image: Flickr / Karl Baron

About The Author

2 thoughts on “SIM swapping attacks on the rise”

  1. Verizon wireless has been posting multiple orders for bulk SIM cards on my statement. When I inquire about them I am given a bogus explanation and the orders are always being processed regardless of my many complaints. I have had issues with my phone being forwarded, calls not coming through, voice mailbox full. Could this be the reason and how do I report it to the right person?

    1. The key thing with the SIM swap is that the ultimate goal is your financial info being exploited. If you notice in my article, the criminals buy outlandish things just like if your identity has been stolen. There are elements of your predicament that sound suspicious for sure, but the financial element is the key thing. If you feel compromised your local law enforcement is your best bet. They typically have cybercrime training. The FBI only takes on the most severe cases so I wouldn’t go that route, at least initially.

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top