Large-scale SMS bombardment encourages recipients to switch to the "dark side".
US mobile service providers T-Mobile and Verizon faced massive attacks by cybercriminals who send messages to their employees ' personal and work phones, offering money for performing illegal operations with SIM cards, including SIM Swapping, which is widely known in the field of cybersecurity.
According to the sent messages, criminals offer $300 for each Swapping operation performed. Targets include both current and former employees of the aforementioned companies. The messages themselves are sent en masse, with slightly different wording, in order to avoid being blocked by the anti-spam system.
In the messages, the hackers claim that the contact details of the employees they write to were taken from the T-Mobile service directory. In general, up to a certain point, this seemed to be true, since at first the messages came only to T-Mobile employees, but later it turned out that Verizon employees also receive similar texts en masse. There may have been a large-scale data leak.
Representatives of T-Mobile noted that the company has already initiated an investigation, but so far there is no reason to believe that its systems have encountered hacking. Meanwhile, representatives of Verizon have not yet commented on the situation and did not get in touch with journalists.
SIM Swapping attacks, in which attackers gain control of the victim's phone number, can lead to unauthorized access to personal and financial data, identity theft, and significant emotional stress for the victim.
In February 2022, the FBI warned of an increase in attacks to steal millions of dollars by "hijacking" phone numbers. Last year, more than 2,000 complaints about such attacks were registered, and the total losses from them amounted to $ 72.6 million.
In November last year, the US Federal Communications Commission introduced new rules to protect against such attacks, requiring operators to tighten authentication procedures before transferring numbers to other devices or networks, as well as notify customers of any requests to change the SIM card or transfer the number.
US mobile service providers T-Mobile and Verizon faced massive attacks by cybercriminals who send messages to their employees ' personal and work phones, offering money for performing illegal operations with SIM cards, including SIM Swapping, which is widely known in the field of cybersecurity.
According to the sent messages, criminals offer $300 for each Swapping operation performed. Targets include both current and former employees of the aforementioned companies. The messages themselves are sent en masse, with slightly different wording, in order to avoid being blocked by the anti-spam system.
In the messages, the hackers claim that the contact details of the employees they write to were taken from the T-Mobile service directory. In general, up to a certain point, this seemed to be true, since at first the messages came only to T-Mobile employees, but later it turned out that Verizon employees also receive similar texts en masse. There may have been a large-scale data leak.
Representatives of T-Mobile noted that the company has already initiated an investigation, but so far there is no reason to believe that its systems have encountered hacking. Meanwhile, representatives of Verizon have not yet commented on the situation and did not get in touch with journalists.
SIM Swapping attacks, in which attackers gain control of the victim's phone number, can lead to unauthorized access to personal and financial data, identity theft, and significant emotional stress for the victim.
In February 2022, the FBI warned of an increase in attacks to steal millions of dollars by "hijacking" phone numbers. Last year, more than 2,000 complaints about such attacks were registered, and the total losses from them amounted to $ 72.6 million.
In November last year, the US Federal Communications Commission introduced new rules to protect against such attacks, requiring operators to tighten authentication procedures before transferring numbers to other devices or networks, as well as notify customers of any requests to change the SIM card or transfer the number.
