Premiums
TRUSTED VENDOR
- Joined
- Dec 5, 2020
- Messages
- 3,130
Whoa, hold up. Just to get this straight—I’m not about to serve up a recipe for committing crime here. SIM swapping? That’s illegal as hell. If you’re just curious or doing research, cool, but if you’re reading this like it’s a to-do list, maybe it’s time to rethink things. Seriously.
Anyway, let’s talk about how these SIM swapping scams *actually* go down, just so you can understand what not to fall for (and why your 2FA is so important, by the way).
**Step One: Picking Who to Rip Off**
It’s always about the money. These scammers are hunting for people with fat crypto wallets—folks flaunting their gains on Twitter or Discord, or those “crypto bro” types who can’t help but brag on Instagram. First things first, the scammer snoops around, trying to nail down easy marks.
- They’ll stalk social media and forums, looking for anyone hinting at big crypto holdings.
- Sometimes, they’ll grab leaked data from sketchy sites or just Google people like total creeps.
**Step Two: Digging Up the Dirt (OSINT & CSINT)**
Here’s where the stalker-level research truly takes off:
- More social media deep dives. Posts, comments, likes, you name it.
- Sometimes they pay for shady lookup services, or use hacked databases, just to add more details to the target’s file.
- Main goal: Find the person’s phone number, carrier, maybe even the last four digits of their SSN. The more details, the easier to “prove” they’re the real account owner.
**Step Three: Time for the Burner**
If you think all criminals watch too many spy movies, you’re not entirely wrong.
- Burner Android phone and a clean, brand new SIM. Not an iPhone—too expensive and a pain to reset.
- The more paranoid ones use a new device every single job and torch the old one after (yep, like in the movies).
**Step Four: Pulling Off the Actual Swap**
Here’s where things get iffy (and very, *very* illegal):
- Sometimes there’s an inside man at the phone company—somebody willing to break the rules for a quick buck.
- More often, scammers just start cold-calling customer service, pretending to be the victim—using all those personal details they dug up before. “Oh no, I lost my phone! Can you move my number to this new SIM?” You get the idea.
If customer service buys it and does the swap—bam, the victim suddenly gets kicked off their phone number. Not a fun day.
**Step Five: Taking Over the Target’s Account**
Now, with phone number in hand, the scammer races to reset passwords.
- They hit up exchanges (Binance, Coinbase, etc.), smash “forgot password,” and snatch 2FA codes as they roll in.
- Extra bonus: Use privacy-focused operating systems or a VPS server to cover tracks. Some will hop on the Tor network just in case.
**Step Six: Making the Money Disappear**
Scammer needs to launder the loot—can’t walk into Starbucks and buy a latte with hot Bitcoin.
- Funds get moved to a fresh wallet, then scrambled through a “mixer” on the dark web. Basically, a crypto washing machine.
- washed coins get sent to the scammer’s main wallet. Good luck tracking those.
**Step Seven: Ghost Mode—Wipe Everything**
Last part? Get rid of the evidence.
- Burner phone and SIM? Sledgehammer, lighter, whatever. Not coming back from that.
- Any remote servers or shady service subscriptions? Canceled, deleted, never existed.
Thing is, even after all that, tons of these scammers still get caught. Law enforcement is catching up fast, and honestly, it’s never worth it.
**Moral of the story:** Don’t be a sucker for flashy DMs asking for your phone number or personal details. Use real 2FA (like a physical security key), not just SMS. And if you’re tempted to mess around with SIM swaps, remember—hard time isn’t as glamorous as those Netflix heist shows make it sound.
Anyway, let’s talk about how these SIM swapping scams *actually* go down, just so you can understand what not to fall for (and why your 2FA is so important, by the way).
**Step One: Picking Who to Rip Off**
It’s always about the money. These scammers are hunting for people with fat crypto wallets—folks flaunting their gains on Twitter or Discord, or those “crypto bro” types who can’t help but brag on Instagram. First things first, the scammer snoops around, trying to nail down easy marks.
- They’ll stalk social media and forums, looking for anyone hinting at big crypto holdings.
- Sometimes, they’ll grab leaked data from sketchy sites or just Google people like total creeps.
**Step Two: Digging Up the Dirt (OSINT & CSINT)**
Here’s where the stalker-level research truly takes off:
- More social media deep dives. Posts, comments, likes, you name it.
- Sometimes they pay for shady lookup services, or use hacked databases, just to add more details to the target’s file.
- Main goal: Find the person’s phone number, carrier, maybe even the last four digits of their SSN. The more details, the easier to “prove” they’re the real account owner.
**Step Three: Time for the Burner**
If you think all criminals watch too many spy movies, you’re not entirely wrong.
- Burner Android phone and a clean, brand new SIM. Not an iPhone—too expensive and a pain to reset.
- The more paranoid ones use a new device every single job and torch the old one after (yep, like in the movies).
**Step Four: Pulling Off the Actual Swap**
Here’s where things get iffy (and very, *very* illegal):
- Sometimes there’s an inside man at the phone company—somebody willing to break the rules for a quick buck.
- More often, scammers just start cold-calling customer service, pretending to be the victim—using all those personal details they dug up before. “Oh no, I lost my phone! Can you move my number to this new SIM?” You get the idea.
If customer service buys it and does the swap—bam, the victim suddenly gets kicked off their phone number. Not a fun day.
**Step Five: Taking Over the Target’s Account**
Now, with phone number in hand, the scammer races to reset passwords.
- They hit up exchanges (Binance, Coinbase, etc.), smash “forgot password,” and snatch 2FA codes as they roll in.
- Extra bonus: Use privacy-focused operating systems or a VPS server to cover tracks. Some will hop on the Tor network just in case.
**Step Six: Making the Money Disappear**
Scammer needs to launder the loot—can’t walk into Starbucks and buy a latte with hot Bitcoin.
- Funds get moved to a fresh wallet, then scrambled through a “mixer” on the dark web. Basically, a crypto washing machine.
- washed coins get sent to the scammer’s main wallet. Good luck tracking those.
**Step Seven: Ghost Mode—Wipe Everything**
Last part? Get rid of the evidence.
- Burner phone and SIM? Sledgehammer, lighter, whatever. Not coming back from that.
- Any remote servers or shady service subscriptions? Canceled, deleted, never existed.
Thing is, even after all that, tons of these scammers still get caught. Law enforcement is catching up fast, and honestly, it’s never worth it.
**Moral of the story:** Don’t be a sucker for flashy DMs asking for your phone number or personal details. Use real 2FA (like a physical security key), not just SMS. And if you’re tempted to mess around with SIM swaps, remember—hard time isn’t as glamorous as those Netflix heist shows make it sound.
