Bad actors are tempting T-Mobile employees with cash rewards to perform SIM swaps

[Shawn Knight]

In a nutshell: T-Mobile employees across the country are being tempted with cash offers via text message to perform illegal SIM card swaps. The anonymous texters claim to have gotten a target's number from the T-Mobile employee directory, and offer up a $300 cash reward for each SIM card swap performed. Interested parties are encouraged to reply and do business over encrypted messaging platform Telegram.

The texts reportedly come from different numbers across multiple area codes, making them more difficult to trace or block. The Mobile Report points to multiple Reddit posts and tips from readers regarding the matter.

SIM card swapping is a scam in which a bad actor convinces a service provider to switch a victim's service to a SIM card that they control. The attacker can then use the hijacked line to infiltrate other valuable accounts like crypto wallets or bank accounts.

SIM swapping can be quite lucrative. In 2018, a 20-year-old was arrested and charged with hacking more than 40 phones and stealing $5 million in cryptocurrency.

If the phone numbers are indeed being sourced from a T-Mobile employee directory, it could mean a few things. Perhaps we're looking at yet another data breach. Worse yet, it may mean the attackers have constant access to the directory, suggesting an inside job.

It's worth noting that some of the people contacted for the illegal work are former T-Mobile employees that haven't been with the company for months, perhaps pointing to a dated list. The Mobile Report said at least some of those contacted are third-party employees, but confirmed that current corporate staffers have also received offers.

When reached for comment, T-Mobile told the pub it did not experience a system breach. Nevertheless, the carrier is continuing to investigate the matter, adding that "we understand other wireless providers have reported similar messages."

The strategy isn't just a problem for T-Mobile, but its customers as well. Knowing that your carrier is being targeted by this type of attack would be unnerving and as The Mobile Report points out, it's conceivable that at least some of the employees could take the attackers up on their offer to make some quick cash.

Image credit: Andrey Matveev

Permalink to story:

Bad actors are tempting T-Mobile employees with cash rewards to perform SIM swaps

 

[Kotters]

Reminder that SMS 2FA isn't a good, secure choice.

 

[toooooot]

Assuming Tmobile pays them absolute minimum, it seems very possible.

 

[Dreadcthulhu]

T-Mobile should start doing random security tests of its employees; inform the employees first about the sim swap scams, and that corporate will be sending out fake test messages, send out test messages offering to pay for sim swaps, give any employee who reports the message a small bonus, while firing any employing who is dumb enough to try to take the offer. Would get rid of both dishonest employees and those who are too dumb to follow training on this sort of thing.

 

[NumberNine]

Assuming Tmobile pays them absolute minimum, it seems very possible.

Agreed. Underpaid employees are much easier to compromise.

 

[Theinsanegamer]

Assuming Tmobile pays them absolute minimum, it seems very possible.

Around here T mobile pays $14 an hour for these staff. High School education recommended. You get paid to sit in an air conditioned room and play on your phone 70% of the time. Pretty sweet gig.

 

[GhostLegion]

I can confidently say they likely did source them from an employee directory but if so, it isn’t just T-Mo. How do I know? I got one of those texts but I’m a former employee of a 3rd party contractor…oh and so y’all are aware, this isn’t new, we do cover this in training and I’ve literally been offered cash on shift to perform SIM swaps. I think it was more than twice the amount offered in the text.

 

[GhostLegion]

Agreed. Underpaid employees are much easier to compromise.

Not really, you just have to be dumb enough to think you’ll get away with it. Everything is logged and easily visible. If you’re a t-Mo customer and I was still an employee, I could tell you who touched your account last and what they did. You don’t even need to be in IT to find that out. It’s stored on the account, you just need to know where to look. The only way you could get away with it is if I stole credentials from a coworker and logged in as them…which is why we don’t share credentials. And trust me, I was very underpaid for how knowledgeable I was. I made around $15/hour including commission? 12/hour was base pay and commission was annoying. Haven’t worked there in over a year and I got one of those stupid messages.

 

[godrilla]

I believe they have a feature where you lock your Sim and prevent fraud Sim swaps.

https://www.t-mobile.com/support/plans-features/sim-protection

I activated this feature on my lines years ago.

 

[GhostLegion]

I believe they have a feature where you lock your Sim and prevent fraud Sim swaps.

https://www.t-mobile.com/support/plans-features/sim-protection

I activated this feature on my lines years ago.

It’s available from every major provider. I know even T-Mo prepaid lines can get it. Most however do not use it. I don’t think I do either tbh…probably should go change that..

Edit:turns out I had it enabled already, it’s called number lock for Verizon

Edit 2: actually T-Mobile is more comprehensive than I thought. It prevents any kind of SIM swap, not just port outs. Port out protection is available for tmo prepaid and Verizon but not complete SIM swap protection like that. Interesting.

 

[Ecurb]

I read one story where the scammer simply scanned LinkedIn looking for someone working for a telecom. Found a bunch, made them offers, most refused, but a few took it and the resulting sim swaps happened.

 

[kiwigraeme]

An interesting fact about bribery. Much cheaper to pay someone to be negligent
Ie an immigration officer does have to check every bag, so they feel no crime took place.

See how much it jumps when contraband found in someones bags, you are now asking them do abet a crime and NOT do their job.

Also met a Kiwi in a Bolivian prison in the 80s , he was the chemist in cocaine ring. Said the only reason he went to prison as tip off was USA officials who caught other members in The USA.

He explained the lower down the food chain , the cheaper it was , eg a lowly policeman , up to say a Judge, gave me actual figures.

He was abiding his time to buy his way out- the previous prison director had let too many pay their way out , so was now in same prison
The Kiwi had his own room and a pistol to protect himself - showed it to me. Most things available in prison for money , Putas , good food etc.

Corruption is a normal way of life in many of the countries I visited, govt/army people often not paid for months.

I was a goody goody , but a some AA batteries for music players in middle of no where , or cigarettes could get a favour. A bottle of only the best whiskey in the world could do more aka Johnny walker red label ( yeah one of the cheap brands, but was well marketed and to them probably top shelf )

 

[BuckarooBonzaii]

Money talks, BS walks. But like Jenga all it take is one mistake and the rest comes tumbling down. Hopefully you're not playing that game.