Ex-carrier employee sentenced for role in SIM-swapping scheme

A former sales representative of a mobile carrier has been sentenced after accepting bribes to perform SIM-swapping attacks. 

This week, the US Department of Justice (DoJ) said that Stephen Defiore, a Florida resident, accepted “multiple bribes” of up to $500 per day to perform the switches required to reroute phone numbers in SIM-swapping. 

SIM-swapping is quickly becoming a serious issue for telecommunications firms — made worse when employees, who have access to internal systems — are involved. 

These attacks require either internal help or the use of social engineering to convince a carrier to reroute calls and text messages from one handset to another. SIM-swapping is often performed to circumvent security controls including two-factor authentication (2FA) and to compromise accounts for services including banking and cryptocurrency wallets. 

The victims may only have a small window of time to rectify the situation once they realize that phone calls and messages are not being received — but by the time they reach their service provider, attackers may have already secured the second-level security codes required to hijack other accounts. 

Rather than go through the effort of obtaining enough information on a target to successfully manage to pretend to be the victim on a

Read More: https://www.zdnet.com/article/ex-carrier-employee-charged-for-role-in-sim-swapping-scheme/#ftag=RSSbaffb68