Eight men have been arrested in England and Scotland as part of an investigation into a series of SIM swapping attacks, in which criminals illegally gained access to the phones of high-profile victims in the U.S.
The National Crime Agency led the UK investigation into these attacks, which targeted numerous victims throughout 2020, including well-known influencers, sports stars, musicians, and their families.
NCA Cyber Crime officers, working with agents from the U.S. Secret Service, U.S. Immigration and Customs Enforcement's Homeland Security Investigations, the FBI and the Santa Clara California District Attorney’s Office, uncovered a network of criminals in the UK working together to access victims’ phone numbers and take control of their apps or accounts by changing the passwords.
This enabled them to steal money, bitcoin and personal information, including contacts synced with online accounts. They also hijacked social media accounts to post content and send messages masquerading as the victim.
NCA and U.S. investigators notified individuals when they had been targeted and where possible, prior to the criminals managing to cause any damage. The victims were then advised on how to prevent the impending attack.
SIM swapping involves cyber criminals taking over use of a victim’s phone number by essentially deactivating their SIM and porting the allocated number over to a SIM belonging to a member of the criminal network.
This is typically achieved by the criminals exploiting phone service providers to do the swap on their behalf, either via a corrupt insider or using social engineering techniques.
After gaining control of the phone number, they use the ‘change password’ function on apps, which leads to them receiving reset codes sent via SMS (or to subsequently compromised email accounts) to reset passwords.
After changing the passwords, the victim is denied access and the criminals have free reign over their contacts, banking apps, emails and social media accounts.
Today eight suspected members of the criminal group aged 18-26 were arrested in England and Scotland.
The operation was coordinated by the NCA and involved officers from Police Scotland, the Metropolitan Police Service, East Midlands and North East Special Operations Units, and the West Midlands Regional Organised Crime Unit.
Paul Creffield, head of operations in the NCA’s National Cyber Crime Unit, said:
“Sim swapping requires significant organization by a network of cyber criminals, who each commit various types of criminality to achieve the desired outcome. This network targeted a large number of victims in the U.S. and regularly attacked those they believed would be lucrative targets, such as famous sports stars and musicians. In this case, those arrested face prosecution for offences under the Computer Misuse Act, as well as fraud and money laundering as well as extradition to the USA for prosecution. As well as causing a lot of distress and disruption, we know they stole large sums from their victims, from either their bank accounts or bitcoin wallets. Cyber criminality is not restricted by borders and our efforts to tackle it reflect that. This investigation is the result of successful collaboration with international partners in the U.S. and Europol, as well as our law enforcement colleagues here in the UK.”
Assistant Director Michael D’Ambrosio, U.S. Secret Service's Office of Investigations, said: “The multi-jurisdictional arrests announced today illustrate the importance of building strong partnerships. The Secret Service would like to thank our domestic and international law enforcement partners for their steadfast commitment and cooperation in this case. The Secret Service and our law enforcement partners remain ready to combat transnational crimes and to hold offenders accountable.”