Criminals want to pay T-Mobile and Verizon staff for SIM swaps. Here's what you need to know
In an attempt to steal mobile users' data, malicious actors are targeting Verizon and T-Mobile employees.
Current and former Verizon and T-Mobile employees told Bleeping Computer that they've received unsolicited messages from unidentified cybercriminals offering up to $300 to perform SIM swaps. In some cases, the attackers are asking the employees to respond to them by text, while others said they could discuss the details on encrypted messaging platform Telegram.
"I got your number from the T-Mo employee directory," one of the messages to a T-Mobile employee said. "I'm looking to pay someone up to $300 per sim swap done, if you're interested, reply and we can talk."
Also: 6 ways to protect yourself from getting scammed online, by phone, or IRL
A SIM swap attack typically involves a cybercriminal getting a wireless carrier to direct service to their phone instead of the actual customer paying for that service. This often leads to identity theft, loss of sensitive information, and financial scams. What's worse, SIM swap attacks are on the rise.
In 2022, the FBI issued a warning to consumers that SIM swap attacks are growing. The agency received 320 SIM swapping complaints between January 2018 and December 2020 that cost victims $12 million. In 2021, that number jumped to 1,611 complaints and more than $68 million in losses. In 2022, complaints jumped to more than 2,000 and losses totaled nearly $73 million.
Since the attackers also targeted former Verizon and T-Mobile employees, it's possible they are using outdated directories. As of this writing, it doesn't appear that the malicious actors obtained the records in a data breach. In a statement to Bleeping Computer, T-Mobile said the company didn't suffer "a systems breach," and is investigating "messages that are being sent to solicit illegal activity."
It's unclear from the report whether any employees attempted to take the cybercriminals up on their offer. We also don't know how many employees the malicious actors targeted.
We reached out to both Verizon and T-Mobile for more information. We'll update this space as new details emerge.