SIM swapping: mobile phone providers confirm low risk
What is the current threat situation due to SIM swapping? There was a brief wave of phishing, since then the mobile network operators have issued a warning.
(Image: New Africa/Shutterstock.com)
Many media reports have recently painted a gloomy picture that SIM swapping poses a particular threat. After initial research, however, this turned out to be exaggerated: SIM swapping continues to be a rare occurrence, confirmed the Warendorf police in North Rhine-Westphalia; they merely wanted to raise awareness of the issue with their announcement.
SIM swapping is a scam in which attackers gain control of a victim's telephone number. If the attack is successful, they can set up the number on their own mobile devices and use it to make purchases, for example, thus causing financial damage.
Classification of mobile phone providers
At the request of heise online, the mobile network providers have made updated statements for the current year 2024. Their situation report also suggests that there is currently hardly any threat from SIM swapping. However, there was apparently a brief wave of phishing attempts aimed at SIM swapping, at least with one provider.
Videos by heise
When asked, a Telekom spokesperson told heise online that the company's IT experts had noticed "actors who wanted to use quite sophisticated phishing emails for a targeted SIM swapping scenario. June was the month with the highest number of attempts of this kind. Thanks to an integrated approach, we are currently no longer seeing any activity against customers of Deutsche Telekom or its secondary brand Congstar."
An example text message shows a very short text and a link with a URL that is not immediately suspicious: "Dear Telekom customer, your Telekom Sim registration expires on 05.06.2023. Register here: [...]", followed by the link, the perpetrators wrote there.
(Image:Â Telekom)
These text messages led to technically well-made phishing pages, Telekom explained to heise online. "With short texts, actors do not give themselves away so quickly through syntax or spelling. If the target domain of the link is also not too cryptic and not too generic, the chances of success unfortunately also increase. In terms of content, the actors remain in the SIM subject area, which also fools potential victims into believing they are authentic." The phishing websites also had a number of features to offer. "They adapted flexibly to the victim's usage scenario via device recognition (iOS/Android and other details). They were able to use and retrieve one-time PINs and other personal characteristics that can be used as authentication factors."
Situation with other mobile operators
A spokeswoman for 1&1, however, told heise online: "At 1&1, we are currently not observing any major fraudulent SIM swapping activities". Telefonica was not yet able to respond immediately, but plans to issue a statement shortly. We will update this report accordingly. Vodafone has not yet responded to our inquiries.
There were therefore attempts in May and June to find victims for SIM swapping, at least in the mobile networks of Telekom and its subsidiary Congstar. According to the same information, the situation regarding this scam is currently calm again.
In May, the Warendorf police in North Rhine-Westphalia issued a notice to raise awareness of the SIM swapping scam, as they had received several reports. However, after these isolated incidents in May, there was no further wave of this type of fraud, according to a spokeswoman for the authority.
(dmk)
