Europol arrests two gangs who stole millions of euros via sim swapping
Europol, together with a number of national police forces, arrested 26 suspects who engaged in SIM-swapping. It concerned two gangs who managed to steal millions of euros from bank accounts by taking over telephone numbers.
One group consisted of twelve suspects between the ages of 22 and 52. They came from Italy, Romania, Colombia and Spain and were all arrested in the latter country, Europol writes. The hackers would have killed at least 100 victims and stole between 6,000 and 137,000 euros from their bank accounts at a time. The attacks they carried out consisted of two parts. First, victims were hit via a banking trojan that looted the credentials of their bank accounts. The criminals then managed to request SIM cards in the name of the victims. That way, they could get the two-step verification codes needed during login. The money was then funneled through money mules to other accounts. The entire process would take place within one to two hours, according to Europol. As a result, victims often noticed too late that their data had been lost.
There was also a second group of criminals who were arrested for a similar offence. This concerns fourteen suspects from Romania, who mainly made victims in Austria. The criminals also obtained login details via banking Trojans. After the sim swaps, they were able to log into banking apps. This made it possible to withdraw money via ATMs without the need for a debit card. The suspects are said to have stolen more than half a million euros in this way.
Europol worked for the two cases, called Operation Quinientos Dusim and Operation Smart Cash, with national police forces in Spain, Romania and Austria. The European Police Service also gives some tips to avoid sim swapping. This ranges from protecting accounts via two-step verification and watching out for phishing links to limiting what information victims put online about themselves. “Simswapping starts with identity theft. Criminals can get information by searching for it on social media or by posting malware.”