Eric Meiggs, a 23-year-old Massachusetts man, has pleaded guilty to seven counts associated a scheme to take over people’s social media accounts. Meiggs and his cohorts attempted to steal $530,000 in cryptocurrency as well as valuable social media accounts by hacking his victims’ phones.
Meiggs admitted that he and one or more co-conspirators had conspired to use an illegal practice called “SIM-swapping” to gain control of people’s online accounts. Together, they targeted 10 U.S. residents and stole, or tried to steal, $530,000 of the victims’ cryptocurrency. They also stole two high-value social media account names, the Department of Justice said in a press release.
Meiggs pleaded guilty to all seven criminal counts including conspiracy, wire fraud, computer fraud and abuse as well as aggravated identity theft. He’ll be sentenced on September 15. He faces a minimum two-year prison sentence.
Chesnot/Getty
In SIM-swapping, fraudsters find an individual’s personal information through email “phishing” scams, malware, the dark web or social media research. They then use that information to contact their victim’s phone companies. They authorize the companies to reassign the victim’s phone number to a new SIM card located in the fraudster’s smartphone.
One re-routed, the SIM cards, which store the victim’s phone data, ensure that all calls and text messages go to the criminal’s phone. After doing this, the fraudsters can reset passwords on any accounts connected to the victim’s phone number. They then use those to access the victim’s other accounts and commit further acts of theft and fraud.
Cybersecurity experts say that people can avoid a SIM-swap scam by using strong, unique passwords and security questions known by no one else. Instead of setting up two-factor notifications that send messages to your cell phone, experts suggest using Google Authenticator, an app tied to your physical device rather than your phone number.
Also, people can request that their banks and other organizations use a callback security check to ring their phones as a way to ensure a client’s true identity.
In July 2020, an unknown entity hacked into Twitter accounts belonging to famous people and corporations in an attempted cryptocurrency-related scam.
The entity hacked the Twitter accounts of several major cryptocurrency groups, including Gemini, Coinbase, Binance and CoinDesk. They also accessed the accounts of celebrities like Kanye West, Elon Musk and Bill Gates, as well as companies like Apple and Uber and politicians like now-President Joe Biden and former President Barack Obama.
In April 2020, the Federal Communications Commission warned that scammers are increasingly using online and telephone scams to prey on consumers during the coronavirus epidemic.
One recent online scam targets people who have been vaccinated against COVID-19, offering prizes in exchange for filling out a post-vaccination survey online. The surveys ask people for personally identifiable information that scammers then use to steal people’s identities. They then use those identities to commit fraud or sell them to other criminals.