The Spanish National Police successfully arrested a SIM swapping gang known as the “Black Panthers”, making 55 arrests in Barcelona.
The group managed to accumulate a total amount of €250,000 by draining the bank accounts of a hundred victims by gaining access to their personal details after tricking the phone companies.
The police stated that vishing was the technique majorly used to obtain duplicate SIM cards. “They did it directly to well-known telephone and telecommunications companies in our country, posing as customers – whose data they already had after having carried out phishing attacks on the employees of the telephone operators themselves,” said the police
By cleverly posing as technical support workers, the gang members gained straightforward access to databases containing the user credentials of phone company employees. This enabled them to acquire customers’ personal details and make duplicate SIM cards.
In its press release, Spanish Police added that the cybercriminals also used dark web forums to illegally obtain ID and credit card numbers through cryptocurrency purchases.
The items purchased using the cloned cards were usually luxury products that were collected at the delivery points by displaying the physical IG cards stolen or bought on black markets to make it difficult for the purchase to be traced back to them. During the bust, 45 SIM cards, 11 mobile phones, and four laptops were seized.
The group consisted of a network of four differentiated but interconnected cells that used different methods to carry out scams. The group had an interesting collaborative dynamic that allowed them to work without a central leader, instead relying on highly specialized individuals to succeed in their separate criminal endeavors.
- Europol nabs SIM hacking network from across Europe
- 10 SIM-swapping hackers nabbed for targeting US celebrities
- Turkish PoliceArrests Sim Swapping Crypto Stealing Hackers
- Sim swapping hackers charged with stealing $2.5m in crypto
- Europol nabs 106 criminals for SIM swapping, money laundering
“Those investigated took control of mobile phone numbers of victims by making a duplicate of their SIM cards,” said police. “To do this, they used phishing, vishing, and call-forwarding techniques. Once they impersonated the identity of the users, they took control of victims’ electronic banking and made fraudulent transfers to a network of mules spread throughout the Levantine coast.”
By doing so, the criminals drained their victims’ accounts with approximately €2,500 stolen from each one.