A ‘sim-swap’ scammer has been arrested in the US in the first example of criminal proceedings being brought against a perpetrator of this particular type of fraud.

The accused is one Joel Ortiz, 29 years old, from Boston. He is accused of stealing a total of $5 million from approximately 40 victims, according to court documents obtained by Motherboard.

Join the iFX EXPO Asia and discover your gateway to the Asian Markets

Keys to the kingdom

Sim swapping is when a scammer tricks a mobile phone company into issuing them a sim card for an account which is not theirs.

The trend in society is that people are increasingly relying on their mobile phones as a control hub for all of their accounts, and the mobile phone itself is increasingly being used as a key to these accounts. So, gaining control of someone’s mobile phone account gives the scammer the keys to that person’s kingdom.

Emma Mohan-Satta, a fraud prevention consultant at Kaspersky Labs, told Digital Trends: “A high proportion of banking customers now have mobile phone numbers linked with their accounts, and so this attack is becoming common in some regions where this attack was not previously so common.”

You can think of sim-swapping as phishing from another angle – instead of getting people to give up information by asking for it under the guise of a trusted party, the scammers get the information from the trusted entity by asking for it under the guise of the customer.

According to the Federal Trade Commission, an American consumer protection organisation, there were 2,658 incidents in January 2016 in that country, up from 1,038 in Jan 2013.

In May 2018, an unspecified number of customers of British retail bank TSB Bank were defrauded in this way. One month prior, the bank had upgraded its application and locked almost two million people out of their accounts in the process. Scammers took advantage of the chaos, according to The Sun.

How is it done?

For the scam to work it is necessary for the scammers to gather as much information about the victim as possible. They will send phishing emails, and often actually talk to the people that they are trying to steal from, pretending to be their phone company for example. The aim is to gather enough information to impersonate the victim in subsequent communications with the company.

“TELL YOUR DAD TO GIVE US BITCOIN”

According to the report, Ortiz targeted cryptocurrency holders, including several attendees of a cryptocurrency event in New York.

One attendee noticed that his phone had stopped working, and later realised that he had been relieved of $1.5 million in cryptocurrency. Just a day earlier, a friend had sent him a text: “My fucking SIM got hacked.” He ran to the AT&T shop but was too late.

In another case, Ortiz received a text from the daughter of one of his victims, which said: “Hi Daddy, Love you”. He responded: “TELL YOUR DAD TO GIVE US BITCOIN”.

Ortiz was also interested in stealing social media accounts; he was a member of a website called OGUSERS where these accounts can be traded. According to the report, many members of that community have now gone into hiding.

40 phone numbers, 28 charges

He was caught in a complex mission that involved the authorities sending warrants to Google and cryptocurrency exchanges like Coinbase, Bittrex and Binance to gain access to his accounts. The exchanges reported that Ortiz had moved more than $1 million in cryptocurrency through their platforms, and AT&T said that Ortiz had in his possession around 40 phone numbers.

Ortiz was arrested on the 12th of July at Los Angeles International Airport, where he was reportedly carrying his stuff in a Gucci bag. According to the complaint, he is facing 13 counts of identity theft, 13 counts of hacking, and two counts of grand theft. So far, $250,000 has been seized by the authorities.

Erin West, Deputy District Attorney of Santa Clara County, said: “This is happening in our community and unfortunately there are not a lot of complaints to law enforcement about it. We would welcome the opportunity to look into other complaints of this happening,” West told Motherboard in a phone call. “We think that this is something that’s underreported and very dangerous.”