Criminals are now texting T-Mobile and Verizon employees on their personal and work phones, trying to tempt them with cash to perform SIM swaps.
The targeted employees have shared screenshots of messages offering $300 to those willing to aid the senders in their criminal endeavors.
According to many reports, this is part of a campaign targeted at current and former mobile carrier workers who could have access to the systems required to perform a SIM swap.
The attackers' messages claim the source of the contact information is an employee directory, as first spotted by The Mobile Report.
Other texts seen by BleepingComputer request employees contact the threat actor on Telegram if they are interested in the offer.
While it was initially believed that these texts were only targeting T-Mobile employees, Verizon employees also stated that were receiving variations of the same text.
T-Mobile told BleepingComputer that they are investigating the text messages but stressed they did not suffer another breach.
A Verizon spokesperson was not immediately available for comment when BleepingComputer reached out earlier today.
In SIM swap attacks, criminals trick a victim's wireless carrier into rerouting their service to a device controlled by the fraudster.
Successful attacks can lead to unauthorized access to personal accounts and sensitive information, identity theft, financial losses, and significant emotional distress for the victims.
In February 2022, the FBI warned that criminals were increasing SIM swap attacks to steal millions by hijacking victims' phone numbers.
The law enforcement agency also revealed in its annual Internet Crime Complaint Center report that Americans filed 1,075 SIM-swapping complaints in 2023, with adjusted losses of $48,798,103.
Last year, the FBI also received 2,026 complaints about SIM-swapping attacks linked to losses of $72,652,571.
In contrast, only 320 complaints reporting SIM swapping incidents with losses of roughly $12 million were filed between January 2018 and December 2020.
In November, the Federal Communications Commission revealed new rules to shield Americans from SIM-swapping attacks in response to this surging wave of consumer complaints.
Under the new regulations, carriers must implement secure authentication procedures before transferring customers' phone numbers to different devices or providers.
They must also warn them whenever a SIM change or port-out request occurs on their accounts.
FBI warns of massive wave of road toll SMS phishing attacks.
Former telecom manager admits to doing SIM swaps for $1,000.
SIM swappers hijacking phone numbers in eSIM attacks.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 16 Apr 2024 23:05:37 +0000