Eight men have been arrested in Scotland and England as part of an investigation into a series of so-called sim swapping attacks targetting high-profile victims in the USA.
A network of criminals in the UK were found to be accessing people’s phone numbers and taking control of their apps or accounts by changing passwords.
The National Crime Agency (NCA) led the British investigation into these attacks, which targeted numerous victims in 2020, including well-known influencers, sports stars, musicians, and their families.
“As well as causing a lot of distress and disruption, we know they stole large sums from their victims, from either their bank accounts or bitcoin wallets.”Paul Creffield, head of operations in the NCA’s National Cyber Crime Unit
The criminals were able to steal money, bitcoin and personal information, including contacts synced with online accounts. They also hijacked social media accounts to post content and send messages masquerading as the victim.
The NCA worked with agents from the US Secret Service, Homeland Security Investigations, the FBI and the Santa Clara California District Attorney’s Office.
Sim swapping involves cyber criminals taking over use of a victim’s phone number by essentially deactivating their SIM (subscriber identification module, commonly known as a SIM card) and porting the allocated number over to a SIM belonging to a member of the criminal network.
The criminals achieve this by exploiting phone service providers to do the swap on their behalf, either via a corrupt insider or using social engineering techniques.
After gaining control of the phone number, they use the ‘change password’ function on apps, which leads to them receiving reset codes sent via SMS (or to subsequently compromised email accounts) to reset passwords.
Once the passwords have been changed, the victim is denied access and the criminals have free reign over their contacts, banking apps, emails and social media accounts.
On Tuesday, February 9, eight suspected members of the criminal group aged between 18-26-years-old were arrested in England and Scotland.
Police Scotland arrested a 26-year-old man in Dumfries on suspicion of Computer Misuse Act offences and a 23-year-old man in Glasgow in relation to an extradition request.
Paul Creffield, head of operations in the NCA’s National Cyber Crime Unit, said: “Sim swapping requires significant organisation by a network of cyber criminals, who each commit various types of criminality to achieve the desired outcome.
“This network targeted a large number of victims in the US and regularly attacked those they believed would be lucrative targets, such as famous sports stars and musicians.
“In this case, those arrested face prosecution for offences under the Computer Misuse Act, fraud, and money laundering as well as extradition to the US.
“As well as causing a lot of distress and disruption, we know they stole large sums from their victims, from either their bank accounts or bitcoin wallets.
“Cyber criminality is not restricted by borders and our efforts to tackle it reflect that. This investigation is the result of successful collaboration with international partners in the US and Europol, as well as our law enforcement colleagues here in the UK.”
Assistant director Michael D’Ambrosio, U.S. Secret Service Office of Investigations, said: “The multi-jurisdictional arrests announced today illustrate the importance of building strong partnerships.
“The Secret Service would like to thank our domestic and international law enforcement partners for their steadfast commitment and cooperation in this case. The Secret Service and our law enforcement partners remain ready to combat transnational crimes and to hold offenders accountable.”