F. A. C. C. T. warned of new attacks on bank customers.
The Russian company F. A. C. C. T. warns about an increase in cases of theft of mobile numbers among users in Russia for illegal access to their online banking. Criminals carry out "hijacking" of numbers, using mechanisms of substitution or restoration of the eSIM-digital SIM card which replaces the traditional physical SIM card in some models of smartphones.
Since the fall of 2023, the company's analysts have recorded more than a hundred attempts to log in to customers personal accounts in online services from just one financial organization. Fraudsters transfer the victim's phone number to their eSIM device, using the digital card replacement or recovery functionality.
To successfully intercept a number via eSIM, attackers need an eSIM-enabled smartphone, as well as a compromised victim's account in the personal account of a telecom operator and/or in a popular government service. In international practice, such attacks have been observed for more than a year, while in Russia they began to be recorded only in the fall of 2023. Previously, criminals most often tried to reissue a SIM card with the help of accomplices on the operator's side, but now operators and banks have significantly tightened security measures against this kind of fraud.
As part of the new scheme, attackers apply to transfer a number from a physical card to an eSIM via the operator's website or app. This allows them to get a QR code or activation code for managing the eSIM. Once the process is complete, the victim loses control of their phone number and cannot use their SIM card.
Having gained control over the phone number, criminals can bypass two-factor authentication systems, gaining access to online banking, instant messengers and other services, which opens up wide opportunities for fraudulent transactions. According to the company, cybercriminals are particularly attracted to online banking services, as intercepting messages with confirmation codes allows them to withdraw money from victims ' accounts or make loans in their name.
In addition to access to bank accounts, the loss of the number threatens to compromise the accounts in all the victim's instant messengers. Attackers will gain access to the owner's correspondence, will be able to send messages to the victim's contact list with a request to borrow money, blackmail. The abundance of artificial intelligence tools and the presence of media content in the victim's correspondence helps scammers mislead gullible users.
To protect against such threats, users should use complex and unique passwords for each service and device, update them regularly, activate two-factor authentication where possible, and never disclose the received codes. It is also important to pay close attention to messages about blocking, re-issuing or transferring the SIM card.
Banks and financial organizations are advised to use session antifraud, a tool for analyzing anomalies in users behavior and devices when logging in, to detect attempts of unauthorized access to online banking.
The Russian company F. A. C. C. T. warns about an increase in cases of theft of mobile numbers among users in Russia for illegal access to their online banking. Criminals carry out "hijacking" of numbers, using mechanisms of substitution or restoration of the eSIM-digital SIM card which replaces the traditional physical SIM card in some models of smartphones.
Since the fall of 2023, the company's analysts have recorded more than a hundred attempts to log in to customers personal accounts in online services from just one financial organization. Fraudsters transfer the victim's phone number to their eSIM device, using the digital card replacement or recovery functionality.
To successfully intercept a number via eSIM, attackers need an eSIM-enabled smartphone, as well as a compromised victim's account in the personal account of a telecom operator and/or in a popular government service. In international practice, such attacks have been observed for more than a year, while in Russia they began to be recorded only in the fall of 2023. Previously, criminals most often tried to reissue a SIM card with the help of accomplices on the operator's side, but now operators and banks have significantly tightened security measures against this kind of fraud.
As part of the new scheme, attackers apply to transfer a number from a physical card to an eSIM via the operator's website or app. This allows them to get a QR code or activation code for managing the eSIM. Once the process is complete, the victim loses control of their phone number and cannot use their SIM card.
Having gained control over the phone number, criminals can bypass two-factor authentication systems, gaining access to online banking, instant messengers and other services, which opens up wide opportunities for fraudulent transactions. According to the company, cybercriminals are particularly attracted to online banking services, as intercepting messages with confirmation codes allows them to withdraw money from victims ' accounts or make loans in their name.
In addition to access to bank accounts, the loss of the number threatens to compromise the accounts in all the victim's instant messengers. Attackers will gain access to the owner's correspondence, will be able to send messages to the victim's contact list with a request to borrow money, blackmail. The abundance of artificial intelligence tools and the presence of media content in the victim's correspondence helps scammers mislead gullible users.
To protect against such threats, users should use complex and unique passwords for each service and device, update them regularly, activate two-factor authentication where possible, and never disclose the received codes. It is also important to pay close attention to messages about blocking, re-issuing or transferring the SIM card.
Banks and financial organizations are advised to use session antifraud, a tool for analyzing anomalies in users behavior and devices when logging in, to detect attempts of unauthorized access to online banking.
