Security News

SIM swapping attacks have been reported in the media since 2017. With the ENISA Report - Countering SIM-Swapping, the EU Agency for Cybersecurity gives an overview of how SIM swapping attacks work and of the extent to which Member States are affected.

A sixth member associated with an international hacking group known as The Community has been sentenced in connection with a multimillion-dollar SIM swapping conspiracy, the U.S. Department of Justice said. Garrett Endicott, 22, from the U.S. state of Missouri, who pleaded guilty to charges of wire fraud and aggravated identity theft following an indictment in 2019, was sentenced to 10 months in prison and ordered to pay an amount totaling $121,549.

De Rose allegedly conspired with members of a gang known as The Community to defraud someone identified in court as "RM". He is currently contesting extradition to the US to stand trial on wire fraud, theft, and money laundering charges. De Rose's extradition hearing comes after the National Crime Agency arrested eight men aged between 18 and 26 back in February on suspicion of carrying out SIM-swap attacks targeted at US citizens.

The US Department of Justice has indicted a suspected Twitter hacker known as 'PlugWalkJoe' for also stealing $784,000 worth of cryptocurrency using SIM swap attacks. SIM swap attacks are when threat actors take control of targets' phone numbers by porting them to their own device's SIM card.

Hardware-based security tokens or dongles have gained popularity, particularly at the enterprise level. Tiny hardware devices are not without their challenges.

The Federal Communications Commission in the U.S. this week announced that it started to work on rules that would pull the brake on SIM swapping attacks. The decision comes after the agency "Received numerous complaints from consumers who have suffered significant distress, inconvenience, and financial harm as a result of SIM swapping and port-out fraud."

Police arrested 106 people suspected of carrying out online fraud for an organized crime gang linked to the Italian Mafia, Europol said on Monday. It's claimed the suspects scammed hundreds of victims using phishing; SIM swapping attacks, in which crooks typically take control of people's cellphone numbers to get account login tokens texted to them; and so-called business email compromise, in which fraudsters typically use bogus invoices and the like to trick company staff into transferring money to the thieves.

As companies nudge their staff to return to communal workspaces, many workers don't actually want to - more than 50 percent of employees would rather quit, according to research by EY. While HR teams worry over the hearts and minds of staff, IT security professionals have a different battle plan to draft - how to make the new normal of the hybrid workplace secure. In a hybrid workplace, a Zero Trust strategy means ever-tightening security.

As companies nudge their staff to return to communal workspaces, many workers don't actually want to - more than 50 percent of employees would rather quit, according to research by EY. While HR teams worry over the hearts and minds of staff, IT security professionals have a different battle plan to draft - how to make the new normal of the hybrid workplace secure. In a hybrid workplace, a Zero Trust strategy means ever-tightening security.

Declan Harrington, a Massachusetts man charged two years ago for his alleged involvement in a series of SIM swapping attacks, pleaded guilty to stealing cryptocurrency from multiple victims and hijacking the Instagram account of others. Harrington was charged with Eric Meiggs in November 2019 for targeting the owners of high-value Instagram and Tumblr accounts.