Articles Posted in SIM Swapping

Stoltmann Law Offices, P.C has represented SIM-Swap hacking victims and continues to investigate ongoing claims related to this sordid scam impacting many people.  A story reported by CNN last week went into detail about a specific victim in San Francisco. According to the story, Robert Ross had over $2 million stolen from him when his phone was hacked through a process called “SIM-Swapping” or “SIM-Jacking.” Like so many of these victims, Mr. Ross was a crypto-currency investor and those were the funds that were stolen from him.  Mr. Ross is suing his cellular provider, AT&T, for its role in enabling the fraudsters who stolen millions from him. The outcome of that lawsuit is far from certain. However, Stoltmann Law Offices continues to monitor updates on these SIM-Swapping scams and are fully engaged in prosecuting cases on behalf of victims against their cellular providers.

These cases are not highly technical or difficult to grasp once you understand some of the basics. First, its important to understand one bit of technical jargon.  What is a “SIM” card? A “SIM Card” is a memory chip contained inside a mobile phone which carries a unique identification number specific to the owner, stores the owner’s personal data, and disables the mobile phone if removed. SIM Swapping is a means of infiltrating someone’s cellular world by taking control of the user’s SIM Card and have it activated in a phone controlled by the scammer, without stealing the phone or breaking it open to actually remove the SIM card. Here, the infiltration is virtual and once the scammer has the customer’s SIM card activated in the phone in his possession, it can then be used to gain access to emails, brokerage accounts, bank accounts, and cryptocurrency virtual wallets.

The scheme is so incendiary because it takes advantage of two-step authentication – something we’ve all been told for years to have set up to PROTECT us from hackers.  Here’s how it works: The crook convinces AT&T (or Verizon, Sprint, or T-Mobile) that he is the account owner. The crook accomplishes this typically by making up a story why the phone number needs to be transferred to a new phone. In one case the imposter simply called AT&T Customer Service, told them he dropped his phone in a lake, and that he had a new phone that needed to be activated. Instead of determining whether the phone that was allegedly at the bottom of a lake was still active and in-use, the AT&T representative accepted the unverified representations of the imposter and activated the “new” phone in the hands of the scam artist. The customer’s actual phone was deactivated and by the time it was realized, the fraudster gained access to the customer’s email and then virtual wallet. The CNN story about what happened to Mr. Ross – noticing his cell phone had no service, or “zero bars” for no apparent reason – is the first indication your SIM has been compromised.

Stoltmann Law Offices, P.C is currently representing an AT&T customer whose cell phone was hacked by a crook who then gained access to this virtual wallet and stole cryptocurrency.  Unfortunately, what happened to our client is not an isolated incident. AT&T customers nationwide have been falling victim to a scam known as “SIM Swapping”. This hacking scam is not a sophisticated attack and AT&T has legal obligations to protect its customers’ personal and private information from unauthorized exposure.

SIM Swapping is a fraudulent scheme where a scammer impersonates an AT&T customer to gain access to the customer’s SIM Card and have it activated in a phone controlled by the scammer. Once the scammer has the customer’s SIM card activated in the phone in his possession, it can then be used to gain access to a frightful number of internet accounts, including email providers. Here’s how it works in the simplest terms: The imposter convinces AT&T that he is in fact the customer, and makes up a story why his phone number needs to be transferred to a new phone. In one case the imposter simply called AT&T Customer Service, told them he dropped his phone in a lake, and that he had a new phone that needed to be activated. Instead of determining whether the phone that was allegedly at the bottom of a lake was still active and in-use, the AT&T representative accepted the unverified representations of the imposter and activated the “new” phone in the hands of the scam artist. The customer’s actual phone was deactivated and by the time it was realized, the fraudster gained access to the customer’s email and then virtual wallet.

These hackers are obviously breaking the law. One such hacker, Joel Ortiz, was arrested and charged with over a dozen counts of wire fraud and other related charge in July 2018. It was alleged he hacked at least forty phone numbers and stole more than $5 million in cryptocurrency. On January 25, 2019, Ortiz accepted a plea deal and was sentenced to ten years in prison.

CNBC
FOX Business
The Wall Street Journal
Bloomberg
CBS
FOX News Channel
USA Today
abc NEWS
DATELINE
npr
Contact Information