The sweep comes almost a year after Europol led an operation to dismantle two SIM swap criminal groups that stole €3.5 million ($3.9 million) by orchestrating a wave of more than 100 attacks targeting victims in Austria, emptying their bank accounts through their phone numbers.
You could flip the Cellular Modem Hardware Kill Switch (HKS) on your Librem 5 and still call or text from your primary phone number while at that coffee-shop WiFi. This would offer you the ability to have a no-carrier phone–in either form–that now you only have when on WiFi–which means no triangulation-location tracking from cellular towers.
Typically achieved with the help of a corrupt insider or using social engineering lures, SIM swapping refers to the technique adopted by cybercriminals to persuade phone carriers into porting their victims' cell services to a SIM card under their control.
The SIM swap then grants attackers access to incoming phone calls, text messages, and one-time verification codes (or one-time passwords) that various websites send via SMS messages as part of the two-factor authentication (2FA) process.
Whether you are living and working in a high-threat environment or period of civil unrest, worry about being vulnerable to hacking of your financial data or online profiles, or are simply an advocate for personal privacy and liberty, it’s important to understand the methods by which you are tracked, and by whom, and for what purpose.
Once in control of the target's mobile phone, the authorities noted that the criminals accessed personal information, including contacts synced with online accounts, and stole money, with cryptocurrency losses exceeding $100 million in 2020."They also hijacked social media accounts to post content and send messages masquerading as the victim," the U.S. Secret Service said. The arrested suspects face charges for offences under the Computer Misuse Act, as well as fraud and money laundering. They are also expected to be extradited to the U.S. for prosecution.
To avoid SIM swapping attacks, it's recommended that users keep their device's software up to date, limit data-sharing online, and enable 2FA via apps instead of having an authentication code sent over SMS.
"When possible, do not associate your phone number with sensitive online accounts," Europol cautioned.
Found this article interesting? Follow THN on , Twitter and LinkedIn to read more exclusive content we post.