“eSIM swapping”: charges filed for mTAN fraud!
As the BSI reports, the Bavarian Cybercrime Central Office has brought charges against two men and a woman for various internet crimes! The defendants are accused of obtaining their victims' phone numbers via eSIM swapping. “In the next step, they logged into the bank accounts whose passwords they had previously obtained on the dark web. Since the perpetrators had taken over the cell phone number, the mTAN code sent via SMS reached them directly,” says the Bavarian police, describing the perpetrators’ actions.
The Bavarian Cybercrime Central Office files charges for fraud using eSIM cards - extensive investigations by the police and public prosecutor's office prevent transactions of almost 200,000 euros
Joint press release from the Lower Franconia Police Headquarters and the Bavarian Cybercrime Central Office dated January 15, 2020
BAMBERG/WURZBURG. The Bavarian Cybercrime Central Office set up at the Bamberg Public Prosecutor's Office has brought charges against two men and a woman from Lower Franconia for various internet crimes. The 33-year-old main perpetrator is accused, among other things, of having gained large-scale access to third-party bank accounts using so-called eSIM swapping.
The Würzburg Criminal Police Inspectorate and the Bavarian Cybercrime Central Office have managed to track down a large-scale fraud scheme using so-called eSIM swapping. A 33-year-old from the Würzburg district was arrested in June 2019 and has been in custody ever since. Thanks to the quick and intensive investigations, many of the victims were protected from financial damage that would have totaled over 200,000 euros.
[mk_ad]
The victims first noticed that they could no longer use their cell phones. They later discovered that unauthorized transactions had been made from their bank accounts. The question of how the perpetrators managed to access the accounts led to intensive investigations by cybercrime specialists from the criminal police and the public prosecutor's office. It was discovered that the perpetrators had taken over their victims' phone numbers via an eSIM swap. To do this, they obtained the login data for the customer profiles from the telephone providers in various ways. In the next step, they logged into the bank accounts whose passwords they had previously obtained on the dark web. Since the perpetrators had taken over the cell phone number, the mTAN code sent via SMS reached them directly. From this point on, they were free to use the account and make transfers. In some cases, planned bookings or direct debits were even canceled in order to be able to steal even more money. The ongoing investigations by the Würzburg Criminal Police Inspectorate under the direction of the Bamberg Public Prosecutor's Office have so far led to 27 victims nationwide. Thanks to the operational measures initiated early on, an asset loss of over EUR 200,000 was prevented by stopping the transfers.
The SIM swapping procedure, which at first glance appears to be complex, is so tempting for the perpetrators because they receive the code for the mTAN procedure via SMS, which is intended to protect most online banking portals from attacks. The special thing about the eSIM (embedded SIM) is that a physical SIM card is no longer required. The eSIM is a chip that is permanently installed in the device and is described electronically with the eSIM profile. In practice, this is done by scanning a QR code, which is usually provided online by the provider in an email or on a website. Initially, those who have been cheated only notice that something is wrong with their cell phone and that they are no longer receiving messages and can no longer make calls. Only a look at the bank statements shows that an unknown person has taken control of the phone and account.
The Bavarian Cybercrime Central Office charges the 33-year-old, who is said to have acted with an as yet unknown accomplice, with 36 cases of commercial computer fraud in the indictment for the above-mentioned crimes.
He is also accused of having placed fraudulent orders for goods on the Internet for a total of EUR 23,083.22 in a total of 38 cases with his wife, who is also 33 years old. The goods were delivered to packing stations, and the accused are said to have obtained the access data for this on a platform on the Darknet. In view of these acts, the two now have to answer for 38 cases of commercial computer fraud.
Ultimately, the couple and a co-accused 35-year-old from the Kitzingen district are accused of ordering and purchasing various narcotics on the Darknet in order to then sell them for a profit. The indictment lists, among other things, three cases of illegal gang trafficking in narcotics in large quantities. An arrest warrant was also issued against the 35-year-old in June at the request of the Bavarian Cybercrime Central Office.
[mk_ad]
For all the crimes, the trio must answer before the criminal chamber of the Würzburg regional court, which now has to decide whether to admit the charges and open the main trial.
To protect yourself from various scams on the Internet, the police and the public prosecutor's office advise:
- Use a current operating system with the latest security updates
- Use an anti-virus program and a firewall
- Passwords should be sufficiently long and secure
- Avoid using a uniform password for all pages, but instead use an individual password for each login
- Enable two-factor authentication where possible
- Never pass on passwords and/or TANs to third parties, even if your alleged provider asks you for them
Source: Bavaria Police
Article image: Shutterstock / By acarapi
If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:
📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.
Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!
* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )

