For years, cybercriminals have been abusing a rather popular, personally identifiable practice, namely, the activation of an online account for a particular service through SMS. Relying on the basic logic that a potential service user would not abuse its ToS (Terms of Service) for fraudulent or malicious purposes. Now that it associates a mobile with the account, the service continues ignoring the fact the SIM cards can be obtained by providing fake IDs, resulting in the increased probability for direct abuse of the service in a fraudulent/malicious fashion.

What are cybercriminals up to in terms of anonymous SIM cards these days? Differentiating their UVP (unique value proposition) by offering what they refer to as “VIP service” with a “personal approach” for each new client. In this post, I’ll discuss a newly launched service offering anonymous SIM cards to be used for the activation of various services requiring SMS-based activation, and emphasize on its unique UVP.

Sample screenshots of the inventory of anonymous SIM cards offered for sale:

Anonymous_SIM_Cards_Russia_Service_Activation_Fraud_Scam_Cybercrime_01

Anonymous_SIM_Cards_Russia_Service_Activation_Fraud_Scam_Cybercrime_02

Next to the inventory of cybercrime-friendly non-attributable SIM cards, the cybercriminal behind this underground market proposition is also attempting to add additional value to his proposition, by not just offering the option to store the SIM cards in safe box, but also, destroy the SIM card by offering a video proof of the actual process.

Anonymous_SIM_Cards_Russia_Service_Activation_Fraud_Scam_Cybercrime

Sample screenshot of a video proof showing the destruction of an already used SIM card courtesy of the service:

Anonymous_SIM_Cards_Russia_Service_Activation_Fraud_Scam_Cybercrime_03

The service also charges a premium price for sending and receiving SMS messages, due to the value added features.

The existence and proliferation of such type of services on the basis of false identifies, directly contributes to the rise of fraudulent and malicious schemes launched on behalf of their users. Now that a pseudo-legitimate identification has taken place on popular Web site, a fraudster is in a perfect position to not just start abusing its trusted infrastructure as a foundation for launching related attacks, but also, directly targets a particular Web service’s internal users through the trusted mechanisms offered by it.

We’ll continue monitoring this underground market segment, and post updates as soon as new services offering anonymous SIM cards emerge.

Blog Staff

About the Author

Blog Staff

The Webroot blog offers expert insights and analysis into the latest cybersecurity trends. Whether you’re a home or business user, we’re dedicated to giving you the awareness and knowledge needed to stay ahead of today’s cyber threats.

Share This