fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Spain Dismantles SIM Swapping Group Who Emptied Bank Accounts

Spain Dismantles SIM Swapping Group Who Emptied Bank Accounts

Spanish National Police has arrested eight suspects allegedly part of a crime ring who drained bank accounts in a series of SIM swapping attacks.

They presumably spoofed the targets’ bank in phishing messages via email, SMS, or direct messages on social media platforms, according to a press release published today.

By means of phishing, the suspects obtained the sensitive personal information needed to impersonate the potential victims and deceive phone store employees into issuing new SIM cards with the same number.

Also Read: The 5 Important Things To Know In Security Pen Testing

Finally, they used the victims’ phone numbers to obtain the one-time passwords that protect e-banking accounts, accessed them, and promptly drained up all the available funds by transferring them to accounts under their control.

The first case of fraud attributed to this particular SIM swapping gang is from March 2021, when the police received two complaints about fraudulent transfers not performed by the account holders.

While the fraudsters attempted to launder the amounts through several bank transfers and digital instant payments, the investigators could still trace them.

The crackdown operation resulted in the arrest of seven people in Barcelona, one in Seville, and the blocking of an equal number of bank accounts.

The menace of SIM swapping

SIM swapping is an attack that involves the porting of someone’s phone number to a new SIM card, used by threat actors to obtain access to accounts protected with SMS-based two-factor authentication (2FA).

Also Read: New Licensing Requirements For Cyber-Security Service Providers in 2022

The worst cases of compromise concern large sums of cryptocurrency investments, but e-bank accounts can also be inviting targets, as seen in this case.

A sudden loss of network signal on your smartphone should be treated as a sign of trouble, and, in most cases, the account owner has mere minutes to react and change the 2FA method to email or an authentication app.

If the option is offered, you should always use an alternative to the SMS 2FA method. If SMS is the only way, you should use a private phone number used exclusively for that purpose and avoid sharing it with anyone.

Just yesterday, the FBI issued a warning about criminals escalating SIM swap attacks, as shown by over 1,600 SIM swapping complaints the law enforcement agency received last year.

SIM hijacking is behind financial losses of tens of millions each year (more than $68 million in adjusted losses in the US alone in 2021), so this is not something to be taken lightly.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us