WAS YOUR CRYPTOCURRENCY STOLEN IN A SIM CARD SWAP OR HACK?
Get Help Now!
Complete the form below for a FREE, NO OBLIGATION
SIM Hack Claim Evaluation.
YOU MAY BE ENTITLED TO COMPENSATION.
Over the last year, our law firm has seen a rise in cybercriminals targeting vulnerabilities in the networks Verizon, AT&T, T Mobile, and other telecommunication companies and exploiting those vulnerabilities to drain the cryptocurrency and financial accounts of the cell phone users. The crime, known as a SIM card swap or SIM card hack, involves several steps that leads to the deactivation of the SIM card on your personal phone and the reactivation of your SIM card on another device you do not have access to. While the Subscriber Identity Module (SIM) swapping is an old trick, the FBI has issued a major alert regarding the massive increase in cases in 2021 over previous years directly related to the theft of crypto assets and other virtual currency from cryptocurrency investors.
These crimes have resulted in cryptocurrency hack losses for the holders of cryptocurrency that range anywhere from hundreds of thousands of dollars into millions of dollars in some cases. These digital wallet hacks have left many investors in crypto, digital currencies and digital assets with extremely large financial losses as the result of the SIM card swap hack.
The cryptocurrency loss attorneys at Marin and Barrett, Inc. are evaluating potential claims against the phone company and mobile carriers to recover losses suffered by crypto investors who were a victim of this specific type of SIM swap crime.
HOW ARE CRIMINALS ABLE TO ACCESS YOUR FUNDS FROM A SIM SWAP?
While smartphones, mobile devices and cellular phones have made life managing certain online services like banking simple and easy, it has also become a playground for criminals and other bad actors. This is happening more and more frequently due to lax security features and internal security measures by mobile phone carriers. When criminals gain access and are able to authenticate our online services, such as personal emails, SMS sign-in codes, and two-factor authentication that banks use, it is a serious security breach. With that access, criminals and criminal organizations then have access to bank accounts, cryptocurrency wallets, and other financial assets. The bad actor can then access your digital currency and drain your virtual wallets and perpetrate the cryptocurrency theft, all without ever having to have access to your actual phone.
This type of fraud can be perpetrated by:
- Social engineering
- Direct bribery (insider threat)
- Phishing attacks
Social engineering refers to the use of deception to persuade victims to unknowingly reveal confidential or personal information to criminals or bad actors. Sometimes this information is obtained publicly from the victims social media accounts. In other cases, the bad actors convince you that you are a “victim”, such as that your cell phone was stolen or that you sold it with the SIM card inside.
The act of phishing refers to sending a fraudulent email pretending to be from a legitimate company. Phishing emails can target both corporate employees and individuals. Once inside, the hacker now has access to all personal email accounts and even personal information that can be used to access the banking services, online accounts, brokerage accounts, cryptocurrency accounts and digital wallets of that person in the future.
Unfortunately, bribery of cell phone company employees or customer service representatives is also sometimes a factor in SIM swap fraud.
The actual SIM swap is carried out at the mobile phone provider level – for example, at a T-Mobile USA store with cellular carrier employee such as a T-Mobile representative. The fraudster ideally will require some type of Personally Identifiable Information (PII) to be able to impersonate you. Examples of this information are your date of birth, social security number, physical address, email address, and other similar items.
This type of information can be obtained through Phishing as described above or a company data breach.
There are many ways that PII (personal identifiable information) can be obtained. Phishing is one of the leading ways. Fraudsters obtain your email address (often through an online data breach) and send you an email pretending to be a legitimate company, requesting personally identifiable information. This type of email would never be sent by a legitimate company, especially not a financial institution.
PII is also often obtained through data breaches or through public social media accounts. The Identity Theft Resource Center (ITRC) reported that, by the third quarter of 2021, 281,451,400 people had been victims of a data breach since the beginning of the year. The primary attack vectors were phishing and ransomware.
WHO IS RESPONSIBLE FOR YOUR SIM SWAP OR SIM HACK CRYPTOCURRENCY LOSSES?
From January 2018 to December 2020, the FBI received 320 complaints related to SIM swap attacks with losses of approximately $12 million. In 2021, it received 1,611 SIM-swapping complaints with losses of more than $68 million.
Liability can be found in a variety of places including cell phone service providers – but one area that is currently front and center is giant telecom cell phone provider T-Mobile.
The case of Reginald Middleton vs. T-Mobile case is a very public and well known unauthorized SIM swap case. The plaintiff has alleged that T-Mobile is responsible for it’s role in facilitating a SIM swap scam that resulted Middleton $8.7 million in lost BTC tokens. Middleton’s crypto assets and other online accounts were targeted by criminals because he was a well-known holder of cryptocurrency and cryptocurrency user. The lawsuit, which is still unresolved and in arbitration, alleges that the cell carrier T-Mobile failed to follow industry standard security protocols and hired poor staff that has and continues to compromise customer data and crypto assets. Middleton is seeking recovery of his lost $8.7 million in cryptocurrency as well as punitive damages.
And Middleton is not alone – there have been numerous cryptocurrency loss lawsuits filed against T-Mobile for SIM swap issues. The lawsuits have cited that the wireless carrier has failed to protect their consumers due to poor employee oversight. The many examples include a fraudster contacting a company representative, in this case T-Mobile employee, convincing the representative that they are the victim and asking the representative to port the true SIM swap victim’s old number to a new prepaid SIM. From there, the criminal can then gain access to bank accounts cryptocurrency trading platforms, and cryptocurrency wallets by having an access code sent as a text message to the prepaid SIM.
Federal Trade Commission (FTC) even went above and beyond to warn the cellular company in 2016 about this potential type of fraud. Despite several warnings from the FTC, however, T-Mobile has neglected to improve security measures or add any type of extra security. According to the complaint, T-Mobile failed to adopt the recommended corrective steps, exercising a “rash disregard for the safety of their customers’ information.”
Have You Lost Cryptocurrency as a Result of a SIM Card Swap?
Cryptocurrency litigation can be brought in the form of a class action or an individual digital token lawsuit. In some cases, these claims must be brought to arbitration due to the cell phone carrier or cryptocurrency exchange terms of service. If you feel that you have been wronged on a cryptocurrency exchange like FTX, Coinbase, or Binance, taken advantage of due to fraud or misrepresentation, or have had your digital cryptocurrency stolen in a SIM swap scam, contact the Marin and Barrett, Inc. law firm for legal advice and legal representation and a no obligation case evaluation today at (888) 348-2735. We represent most cryptocurrency users on a pure contingency fee basis. This means that unless our clients recover some or all of their cryptocurrency losses, we do not get paid a fee for our services.