Store manager admits SIM swapping his customers

phone ready for SIM swapping

A 42-year-old manager at an unnamed telecommunications company has admitted SIM swapping customers at his store.

SIM swapping, also known as SIM jacking, is the act of illegally taking over a target’s cell phone number and re-routing it to a phone under the attacker’s control.

Once an attacker has successfully hijacked their victim’s mobile number, they can use it to send and receive calls and messages (and the victim can’t). For that reason, SIM swapping can be used to get around two-factor authentication (2FA) codes sent by SMS message. Armed with an email and password—which are easily bought online— and the 2FA code, an attacker could take over the victim’s online accounts.

SIM swapping can be done in a number of ways, but perhaps the most common involves a social engineering attack on the victim’s carrier. However, if you have a telecoms manager on your payroll then there’s no need for social engineering—they can just do the SIM swap for you.

In May 2021, Jonathan Katz, aka “Luna” was employed as a manager at a telecoms store. Using managerial credentials, he swapped the SIM numbers associated with customers’ phone numbers into mobile devices controlled by another individual, enabling this person to control the customers’ phones and access the customers’ electronic accounts – including email, social media, and cryptocurrency accounts.

In exchange, Katz received $1,000 per SIM swap and a percentage of the revenue from the compromised phone number. He was paid in Bitcoin, which was traced back to Katz’s cryptocurrency account.

Katz pleaded guilty before Chief U.S. District Judge Renée Marie Bumb in Camden federal court on March 12, 2024, to a charge of conspiracy to gain unauthorized access to a protected computer.

Katz was charged for SIM swapping five numbers. He’s now facing a statutory maximum of five years in prison and a fine of up to $250,000. Sentencing is scheduled to take place on July 16, 2024.

What to do if you are a victim of SIM swapping

In this case, being careful online would not have helped the victims to prevent the SIM swap. However there are some things that are tell-tale signs of a SIM swapping attack and some things you can do to limit the consequential damage.

If your mobile number suddenly is inactive or out of range, call your mobile operator immediately.
Check your online accounts immediately if you receive a notification about unusual activity. Contact the account provider if you find you no longer have access yourself.
If you can, register for email alerts as well as SMS for your banking transactions, so you continue to receive alerts via your email in case your SIM is deactivated.
If you fall victim to a SIM hijacking attempt, change the passwords for services like your online banking and email immediately.
If you notice irregular transactions, contact your bank to have your account blocked and avoid further fraud.
Contact your cellular service provider so they can stop the attacker by cutting off their access to the mobile network.
Consider setting up 2FA on dedicated authentication apps (such as Google Authenticator) or hardware, rather than using SMS.

Check your digital footprint

If you want to find out how much of your data has been exposed online, you can try our free Digital Footprint scan. Fill in the email address you’re curious about (it’s best to submit the one you most frequently use) and we’ll send you a free report.

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using Malwarebytes Identity Theft Protection.