In Florida, a man was arrested by the police whose age is 25 in the case of a cyber fraud. He was found as a part of a cyber fraud group, they simply hijacked mobile numbers of their targets through online attacks. By doing so they were able to siphon thousands of dollars’ worth in the form of bitcoin and other cryptocurrencies.
A brief about this Cyber fraud:
On July 18, 2018, Pasco County authorities arrested Ricky Joseph Handshumacher as he was found guilty for the SIM Swap cyber fraud. For the past two years, he being the part of a group having the 9 members in total drained out bank accounts through mobile phone “SIM Swaps”.
The customer using a mobile device requests for a SIM swap when their existing SIM card has been damaged or need another SIM card of different size for their new mobile phone. These fraudsters abused the SIM swap and with the help of the mobile providers they were able to hack the target’s mobile phone.
Mostly the banks and the online services send the passwords and OTP to their customer though text messages as they think this is the safest way to do this. But this fraudsters group has already taken the passwords as they Phished their target’s mobile devices.
How police reached out to these fraudsters?
Firstly, the investigators looked for the group’s activities in February, when a Michigan woman called the police after she heard her son talking on the phone. He was pretending to be an AT&T employee.
The police reached out their house and found multiple mobile phones and SIM cards, also a list of names and phone numbers of the people from all around the world.
On the following month, the investigators found the same guy accessing the public Wi-Fi, and seized the 45 SIM cards, a laptop and a hardware device that is used to store cryptocurrency account data.
In April 2018, the mother again called the police for informing that her son has got another new mobile phone. The cops searched the kid’s house again and found the two bags full SIM cards and multiple driving license and passports of numerous people.
Then the investigators used this stuff to get in contact with the victims, and able to talk with the two victims who reported that they lose approximately $15,000 in cryptocurrencies.
An action against the culprit:
The police obtained the search warrants to search for the group’s server chat conversations and observed the Handschumacher who done this crime to purchase a land, a house and a vehicle.
The Pasco County office found in their surveillance that the fraud group paid some of the employees of cellular phone companies to get help from them in the cyber-attack.
On July 23, Handschumacher requested as not guilty on behalf of his client, who is now facing the charges of money laundering and accessing a computer or electronic device without any permission.
Some of the sources tell that Handschumacher also was the member of OG users, although it was not clear how active he been there.
What you can do?
If some SMS- based authentication is the only option left for account security then I would rather suggest you to rely on your username and password.
You may go with the two factor authentication and there are numerous websites which supports multi-factor authentication.
If you are running any business whether that is small or large then must take a help from a security analyst or a cyber-security expert. I would recommend you to get in touch with the Krademy, which has a team of cyber-security experts.