F.A.C.C.T. reports attempts to steal mobile numbers from Russian users in order to gain access to their online banking. The "theft" of the number occurs by replacing or restoring the eSIM, the built-in digital card that performs the functions of a physical SIM card in some modern smartphones.
Since the fall of 2023, Fraud Protection analysts at F.A.C.C.T. have recorded more than a hundred attempts to log in to clients' personal accounts in online services at just one financial institution.
To steal access to a mobile number, attackers use the function for replacing or restoring a digital SIM card: they transfer the phone number from the victim's SIM card to their own device with an eSIM.
To intercept a number using eSIM profiles, fraudsters need a smartphone that supports connecting an eSIM profile and a compromised victim account in a telecom operator's personal account portal and/or in a popular public service.
Abroad, cybercriminals have been using a similar method of "hijacking" for at least a year, while in Russia the first attempts were recorded in the fall of 2023. Previously, to steal an account, attackers most often tried, with the help of accomplices on the operator's side, to have a SIM card reissued without the subscriber's knowledge, but operators and banks introduced strict measures to counter this type of fraud.
In the new "hijacking" scheme, in order to get a QR code or activation code for the SM-DP+ address, which is responsible for generating and protecting eSIM profiles, attackers themselves submit a request on the operator's website or in its app to transfer the number from a physical card to an eSIM. As soon as the attacker completes this process, the user can no longer use their SIM card and loses access to the number.
"Having gained access to the victim's mobile phone number, cybercriminals can get access codes and two-factor authentication codes for various services, including banks and instant messengers, which opens up a lot of opportunities for attackers to implement criminal schemes. There are many variations of the scheme, but scammers are most interested in online banking services. Messages with a confirmation code that will be sent to the number will allow you to withdraw all money from the victim's account and apply for loans."
Another threat from the loss of the number is the compromise of the number owner's messenger accounts. Attackers will gain access to the owner's correspondence and will be able to send messages to the victim's contact list asking to borrow money, or resort to blackmail. The abundance of artificial intelligence tools and the presence of media content in the victim's correspondence help scammers mislead gullible users.
• Source: https://www.facct.ru/media-center/press-releases/esim-bank-attacks/