SIM swap crooks solicit T-Mobile US, Verizon staff via text to do their dirty work
No breach responsible for employee contact info getting out, says T-Mo
T-Mobile US employees say they are being sent text messages that offer them cash to perform illegal SIM swaps for supposed criminals.
Several Reddit posts reporting the unsolicited messages have popped up in recent days, including one megathread involving a screenshot of one of the offending messages telling an alleged T-Mob employee that the scammer would pay them $300 per SIM swap. Several commenters said they had also received a similar message with a Telegram link to contact the sender.
Some Reddit users claiming to be Verizon employees said they received the messages as well, indicating the scam isn't confined to T-Mobile US.
SIM swapping - as Reg readers know - is essentially a social engineering scam in which a criminal convinces a carrier to transfer a user's phone number to a SIM card they control. That gives the scammer full access to a victim's cell phone number, allowing them to receive multi-factor authentication text messages used to break into other accounts. Given the unfettered access to someone else's private data, the scam is potentially very lucrative.
We contacted T-Mobile US to learn more about the messages, and were told the company is aware of the recent attempted scams.
"We continue to investigate these messages that were sent to solicit illegal activity. We understand other wireless providers have reported similar messages," a T-Mo spokesperson told us.
T-Mobile US, known for its spate of breaches in recent years, also noted: "we did not have a systems breach" this time.
- Relying on AT&T, Verizon and T-Mob US to protect you from SIM swapping? You better get used to disappointment
- FCC reminds US mobile carriers that customer data needs to be protected
- Ransomware crooks SIM swap medical research biz exec, threaten to leak stolen data
- 'Baby Al Capone' to pay $22m to SIM-swap crypto-heist victim
That still leaves the question unanswered of how the SIM swap scammers behind the text solicitations got employee information belonging to employees at T-Mobile US, Verizon, and other carriers. The messages claim that the contact info was obtained from "the T-Mo employee directory."
It's possible T-Mobile US employee data was acquired in one of the seven or so (publicly acknowledged) breaches T-Mob has suffered in the last six years, which is backed up by the fact that several of the Redditors saying they received a message haven't worked at T-Mob for some time.
It's not clear how employee information from other carriers may have been obtained – we've asked Verizon as well, but haven't heard back.
For any greedy telco employee thinking of accepting the offer, several employees noted on Reddit that it's not a great idea. Anyone performing a SIM swap has to input their dealer code, meaning there would be a clear record of who did it. Without a social engineering caller to point the blame at, it could be a quick ticket to a lengthy prison term and hefty fine for anyone taking part. ®