Article Details

SIM swap crooks solicit T-Mobile, Verizon staff via text to do their dirty work. No breach responsible for employee contact info getting out, says T-Mo. T-Mobile employees say they are being sent text messages that offer them cash to perform illegal SIM swaps for supposed criminals. Several Reddit posts reporting the unsolicited messages have popped up in recent days, including one megathread involving a screenshot of one of the offending messages telling an alleged T-Mobile employee that the scammer would pay them $300 per SIM swap. Several commenters said they had also received a similar message with a Telegram link to contact the sender. Some Reddit users claiming to be Verizon employees said they received the messages as well, indicating the scam isn't confined to T-Mobile. SIM swapping - as Reg readers know - is essentially a social engineering scam in which a criminal convinces a carrier to transfer a user's phone number to a SIM card they control. That gives the scammer full access to a victim's cell phone number, allowing them to receive multi-factor authentication text messages used to break into other accounts. Given the unfettered access to someone else's private data, the scam is potentially very lucrative. We contacted T-Mobile to learn more about the messages, and were told the company is aware of the recent attempted scams. "We continue to investigate these messages that were sent to solicit illegal activity. We understand other wireless providers have reported similar messages," a T-Mobile spokesperson told us. T-Mobile, known for its spate of breaches in recent years, also noted: "we did not have a systems breach" this time. That still leaves the question unanswered of how the SIM swap scammers behind the text solicitations got employee information belonging to employees at T-Mobile, Verizon, and other carriers. The messages claim that the contact info was obtained from "the T-Mo employee directory." It's possible T-Mobile employee data was acquired in one of the seven or so (publicly acknowledged) breaches T-Mobile has suffered in the last six years, which is backed up by the fact that several of the Redditors saying they received a message haven't worked at T-Mobile for some time. It's not clear how employee information from other carriers may have been obtained – we've asked Verizon as well, but haven't heard back.  For any greedy telco employee thinking of accepting the offer, several employees noted on Reddit that it's not a great idea. Anyone performing a SIM swap has to input their dealer code, meaning there would be a clear record of who did it. Without a social engineering caller to point the blame at, it could be a quick ticket to a lengthy prison term and hefty fine for anyone taking part.