Fraudsters are stealing from bank accounts by diverting calls and text messages

The fraudsters are stealing a large sum of money from the victim’s bank accounts by taking the control of their mobile phones and then intercepting the texts messages sent by the banks.

The fraudsters are again gathering as much info as possible on the victims and using a method we warned the public in the past named SIM splitting, to gain the access to bank accounts of people.

This is the Money investigation found which one victim from the London lost £22,300 when these fraudsters raided their Santander accounts using the method. Two more victims had drained  £19,500 from their accounts after the criminals intercepted their bank’s text messages.

How does this fraud work?

Step 1: Initially the fraudsters have harvested as much as they can about the targetted individual. This includes intercepting their post, searching public information on the search engines/social media, tricking them into the installing of malware or buying the information from the Organised Crime Groups.

Step 2: With this information, these fraudsters will call victim’s mobile phone provider and tell them that their handset has been stolen, lost or damaged. Since they can answer basic security questions, old SIM is cancelled and some new one is activated. The fraudster may also ask for all the texts/calls to be diverted to a new phone.

Step 3: The first victim will know of a problem is when victim’s mobile stops working. This can look innocent at first and many people may just think it is just a signal problem.

Step 4: These fraudsters then hack into the victim’s online banking and then open a parallel business account. Since all the new business account is already in existing customer’s name, there are only a few security checks.

Step 5: The fraudsters then start to transfer money to accounts in their control. The banks will either call or text to confirm that payments being sent are genuine.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil