Zamenjave SIM kartic, vdori v podatke in ukradeni računi: kako prevaranti spreminjajo uhajanja informacij v pravi denar

/Tehnologija/ Avtor

Kršitve podatkov so postale tako rutinske, da jih mnogi ljudje obravnavajo kot hrup v ozadju – nadležno e-pošto, ponastavitev gesla in nato vrnitev v življenje. Toda prava nevarnost pogosto pride kasneje, ko se razkrite podrobnosti združijo v ciljno usmerjene napade, ki se zdijo osebni, verjetni in jih je težko ustaviti.

Preiskava BBC o žrtvah prevar kaže, kako ta cevovod deluje v praksi: uhajanje starih podatkov pomaga kriminalcem pri izvajanjuNapadi z zamenjavo SIM-kartice, ugrabiti e-poštne račune, odpreti kredit na ime nekoga drugega ali prevzeti nadzor nad poslovnimi oglaševalskimi računi. Kar je videti kot »le uhajanje e-poštnega naslova«, lahko postane neposredna pot do denarja, identitetnih prevar in mesecev čiščenja.

Ta razlaga razčleni mehanizme: kako uspejo zamenjave SIM-kartic, zakaj lahko dvofaktorska avtentikacija ne uspe in kateri praktični koraki dejansko zmanjšujejo tveganje.

Cevovod od vdora do prevare (v preprostem jeziku)

Večina prevar, ki se končajo z krajo sredstev, sledi ponavljajočemu se zaporedju:

  1. Osebni podatki so razkriti(zaradi vdora v podjetje, ki ste ga uporabljali pred leti).
  2. Kriminalci ga bogatijoz združevanjem več kršitev, javnih informacij in včasih virov posrednikov podatkov.
  3. Ciljajo na najšibkejšo povezavo(mobilna številka, e-poštni nabiralnik ali potek dela »pozabljeno geslo«).
  4. Stopnjujejo se— uporaba prvega vdora za ponastavitev gesel in prevzem drugih računov.

Joe Tidy, dopisnik BBC-ja za kibernetsko varnost, ugotavlja, da če ste žrtev vdora, povečate možnost, da postanete tarča. Ključno ni v tem, da vsak vdor vodi do prevare, temveč v tem, da vdori zagotavljajo surovine, ki jih kriminalci potrebujejo za verodostojno lažno predstavljanje.

Napadi z zamenjavo SIM kartice: zakaj je vaša telefonska številka glavni ključ

V enem primeru je ženska po imenu Sue za BBC povedala, da je bilo njeno digitalno življenje ugrabljeno prekZamenjava SIM-kartice.

Napad z zamenjavo SIM kartice deluje takole:

  • Zločinec prepriča mobilnega operaterja, da je pravi imetnik računa.
  • Operater izda novo SIM kartico (ali prenese številko) in telefon žrtve izgubi signal.
  • Zločinec zdaj prejema klice in besedilna sporočila, namenjena žrtvi – vključno s potrditvenimi kodami.

Ko napadalci prevzamejo nadzor nad vašo številko, jo lahko prestrežejoVarnostne kode prek SMS-ovuporablja se za ponastavitev gesla in preverjanje prijave.

Sue je povedala, da so jo prevzeli prevaranti.Gmailin jo nato zaklenil venbančni računipo neuspešnih varnostnih preverjanjih. Imela je tudikreditna kartica odprta na njeno imein kriminalci so kupiliveč kot 3000 funtov v bonihDa bi ponovno pridobila nadzor, je morala večkrat obiskati banko in ponudnika mobilne telefonije.

Ta zgodba je šolski primer, zakaj varnostni strokovnjaki priporočajo, da se za pomembne račune odmaknete od SMS-ov kot primarnega drugega faktorja.

Kje so prevaranti dobili Sueine podatke

BBC poroča, da je Suetelefonska številka, e-poštni naslov, datum rojstva in fizični naslovso bile razkrite v prejšnjih kršitvah – vključno s platformo za igre na srečoPaddyPower (2010)in orodje za preverjanje e-pošteVerifications.io (2019)Tudi druge zbirke vdrtih zapisov so vključevale njene podatke.

Analitičarka kibernetske varnosti Hannah Baumgaertner iz podjetja Silobreaker, ki jo je citiral BBC, je dejala, da so napadalci verjetno uporabili razkrite osebne podatke za zamenjavo SIM-kartice. Ko so imeli Suejino telefonsko številko, so lahko prestregli varnostne kode, poslane za preverjanje identitete za Gmail.

To je problem »poprečnega pretresa po kršitvi«: tudi če je prvotna kršitev stara desetletje, lahko podatki še naprej krožijo, se prepakirajo in uporabljajo kot dokaz socialnega inženiringa.

Kako se majhni hekerski vdori širijo: trg za ugrabljene naročnine

Zgodba BBC-ja izpostavlja tudi manj tvegano, a izjemno pogosto vrsto kibernetske kriminalitete: prevzem naročniških računov.

Fran iz Brazilije je za BBC povedala, da je ugotovila, da se je nekdo registriral na njeno ime.Netflixračun in povečala svojo mesečno naročnino – klasična ugrabitev s strani »zastonjcev«.

V članku piše, da ni vedno mogoče natančno določiti enega samega vdora kot temeljnega vzroka. Vendar je BBC ugotovil, da je bil Franin e-poštni naslov razkrit v vsaj štirih vdorih, vključno zInternetni arhiv (2024),Trellov (2024),Razplet (2021)inWattpad (2020).

Raziskovalec varnosti Alon Gal iz Hudson Rocka, na katerega se sklicuje članek, je opisal trg za vlomljene račune za pretakanje, zaradi česar je uhajanje informacij enega podjetja postalo stalna zloraba.

Ko dvofaktorska avtentikacija še vedno ne uspe

Eden najbolj zaskrbljujočih delov sodobnih prevar je, da lahko napadalci včasih zaobidejo zaščite, za katere uporabniki domnevajo, da so "zadostne".

BBC opisuje lastnico malega podjetja Leah, ki je bila tarča lažnega e-poštnega sporočila, ki je očitno prihajalo s Facebooka. Kliknila je povezavo, vnesla podatke na lažno meta stran in prevaranti so prevzeli njen poslovni račun, čeprav je imeladvofaktorska avtentikacija.

Napadalci so nato pod njenim imenom objavili videoposnetke spolne zlorabe otrok (s čimer so jo blokirali) in v treh dneh, ki so trajali, da so ponovno prevzeli nadzor (denar je sčasoma dobila nazaj), predvajali na stotine funtov oglasov, za katere je plačala.

Kako lahko 2FA še vedno ne uspe? Pogoste poti vključujejo:

  • Lažno predstavljanje prek proxyja v realnem času:Lažno spletno mesto posreduje poverilnice pravemu spletnemu mestu in zahteva kodo 2FA, ki jo takoj uporabi.
  • Kraja seje / zajem žetonov:Nekateri kompleti za lažno predstavljanje zajamejo piškotek seje po prijavi.
  • Vrzeli pri obnovitvi računa:Če je ogrožen obnovitveni e-poštni naslov/telefonska številka, napadalci ponastavijo dostop, ne da bi sprožili običajna preverjanja.

Bistvo ni v tem, da je 2FA nesmiselna – ampak v tem, daNajmočnejši račun je tisti z več plastmi, niti enega potrditvenega polja.

Vloga posrednikov podatkov in »obogatitve«

Tudi če kršitev ne vključuje vsega, kar si napadalec želi, lahko kriminalci združijo vire.

BBC ugotavlja, da prevaranti pogosto mešajo ukradene zasebne podatke z javnimi. Preiskovalci so opisali, kako bi lahko napadalec povezal ukraden e-poštni naslov z javno navedeno poslovno številko, da bi poslal bolj prepričljivo sporočilo lažnega predstavljanja.

Zaradi tega se sodobne prevare zdijo srhljive: sporočilo ni videti kot neželena pošta. Izgleda, kot da je bilo napisanozate.

Problem obsega: množične kršitve spodbujajo globalno gospodarstvo prevar

BBC ugotavlja, da je bilo v2025razkrila milijone zapisov, navedla primere, kot so:

  • 6,5 milijonaprizadet zaradi kršitve zadruge (april)
  • vdor, ki je prizadel stranke Marks & Spencer (podjetje ni navedlo, koliko)
  • 400.000Prizadete stranke Harrodsa
  • 5,7 milijonaprizadet zaradi vdora v Qantas

Navaja tudi Observatorij kršitev podatkov Proton Mail:794 potrjenih kršiteviz prepoznavnih virov, odkritih doslej v letu 2025, ki razkrivajoveč kot 300 milijonovposamezne zapise.

V takšnem obsegu kriminalci ne rabijo biti briljantni. Biti morajo vztrajni in delavni.

Kaj podjetja počnejo (in česa ne počnejo) po kršitvah

Žrtve pogosto odkrijejo, da ni standardne »oskrbe po kršitvi«.

BBC poroča, da je bilo nekoč ponujanje brezplačnega spremljanja kreditne sposobnosti običajno, zdaj pa to počne manj podjetij. Opozarja, da nekatera podjetja teh storitev niso ponujala, medtem ko je Co-op ponujal bon pod določenimi pogoji.

Članek omenja tudi naraščajoč trend skupinskih tožb – čeprav jih je težko dobiti, ker je težko dokazati individualni vpliv – in pomembno poravnavo: T-Mobile se je strinjal s plačilom350 milijonov dolarjevpo kršitvi leta 2021, ki je prizadela76 mstranke, s prijavljenimi plačili odod 50 do 300 dolarjev.

Realističen načrt odziva, če sumite na zamenjavo kartice SIM

Ker so zamenjave SIM-kartic časovno občutljive, je koristno imeti kontrolni seznam.

  1. Če vaš telefon nenadoma izgubi signal(in niste v mrtvi coni), obravnavajte to kot nujno.
  2. Pokličite svojega operaterja z drugega telefonain vprašajte, ali je prišlo do prenosa SIM kartice ali številke.
  3. Zahtevajte takojšnjo zaklepanjeob nadaljnjih spremembah kartice SIM in ponastavitvi poverilnic računa/PIN-a.
  4. Zaščitite svoj primarni e-poštni računnaslednjič, ker lahko ponastavi vse ostalo.
  5. Spremeni geslaza bančništvo, plačilne aplikacije in vse račune, povezane s SMS kodami.
  6. Preverite nove račune/kreditno aktivnostv tvojem imenu.

Tudi če se izkaže, da je napad težava v omrežju, s hitrim ukrepanjem ne izgubite veliko.

Praktični koraki za zmanjšanje tveganja (brez paranoje)

Ne morete preprečiti vdora v podjetje, ki ste ga uporabljali pred leti. Lahko pa naredite uhajanje podatkov manj uporabno za napadalce.

1) Zaščitite svoj mobilni račun

  • Vprašajte svojega operaterja oPIN-i računa, zaklepanje prenosa podatkov in dodatno preverjanje.
  • Zmanjšajte število storitev, ki uporabljajo SMS kot metodo obnovitve.

2) Kjer je mogoče, uporabite močnejšo avtentikacijo

Za najpomembnejše račune (e-pošta, bančništvo, upravitelj gesel) izberite:

  • aplikacije za preverjanje pristnosti (TOTP)
  • gesla
  • ali varnostne ključe strojne opreme

... prek SMS kod.

3) Uporabite upravitelja gesel + edinstvena gesla

Zapolnitev s poverilnicami je še vedno poceni. Edinstvena gesla preprečujejo, da bi ena sama kršitev odklenila vse.

4) S svojim primarnim e-poštnim naslovom ravnajte kot s »root računom«

Če kriminalci dobijo vaš e-poštni nabiralnik, lahko ponastavijo skoraj vse druge račune. Poskrbite, da bo vaš e-poštni naslov:

  • močno overjen
  • možnosti okrevanja zagotovljene
  • in spremljano glede sumljivih prijav

Bistvo

Kršitve podatkov niso le problem zasebnosti – so dobavna veriga za prevare. Stare uhajanja podatkov se lahko kombinirajo z javnimi informacijami, da se izdajajo za vas, ukradejo vašo telefonsko številko z zamenjavo SIM kartice, zaobidejo prijave in eno samo ogrožanje spremenijo v kaskado po e-pošti, finančnih računih in profilih na družbenih omrežjih. Najučinkovitejša obramba je večplastna: zaščitite svojo telefonsko številko, zavarujte svoj primarni e-poštni naslov in se, kjer koli je to mogoče, odmaknite od varnosti, ki temelji na SMS-ih.

Viri

Document Title
SIM swaps, breached data, and stolen accounts: how scammers turn leaks into real money
Data breaches feed a scam economy: SIM swap attacks, hijacked Netflix accounts, and phishing that bypasses two-factor authentication. Here's how leaked personal data becomes account takeover.
Title Attribute
oEmbed (JSON)
oEmbed (XML)
JSON
View all posts by Admin
UK bans Coinbase ads: what it means for crypto marketing in Britain
Steam’s UK £656m lawsuit explained: what Valve is accused of and why it matters
Page Content
SIM swaps, breached data, and stolen accounts: how scammers turn leaks into real money
Nature
Climate
/
Technology
/ By
Admin
Data breaches have become so routine that many people treat them like background noise — an annoying email, a password reset, then back to life. But the real danger often arrives later, when leaked details are stitched together into targeted attacks that feel personal, plausible, and hard to stop.
A BBC investigation into scam victims shows how this pipeline works in practice: old data leaks help criminals perform
SIM swap attacks
, hijack email accounts, open credit in someone’s name, or seize control of business advertising accounts. What looks like “just an email address leak” can become a direct route to money, identity fraud, and months of cleanup.
This explainer breaks down the mechanics: how SIM swaps succeed, why two-factor authentication can fail, and what practical steps actually reduce risk.
The breach-to-scam pipeline (in plain English)
Most scams that end in stolen funds follow a repeatable sequence:
Personal data is exposed
(through a breach of a company you used years ago).
Criminals enrich it
by combining multiple breaches, public info, and sometimes data-broker sources.
They target the weakest link
(a mobile number, an email inbox, or a “forgot password” workflow).
They escalate
— using the first compromise to reset passwords and take over other accounts.
The BBC’s cyber correspondent Joe Tidy notes that being a victim of a breach increases your chance of being targeted. The key is not that every breach leads to a scam, but that breaches supply the raw materials criminals need for believable impersonation.
SIM swap attacks: why your phone number is a master key
In one case, a woman named Sue told the BBC her digital life was hijacked via a
SIM swap
.
A SIM swap attack works like this:
A criminal convinces a mobile network operator they are the real account holder.
The operator issues a new SIM (or transfers the number), and the victim’s phone loses service.
The criminal now receives calls and texts meant for the victim — including verification codes.
Once attackers control your number, they can intercept
SMS-based security codes
used for password resets and login verification.
Sue said scammers took over her
Gmail
and then locked her out of
bank accounts
after failed security checks. She also had a
credit card opened in her name
, and criminals purchased
more than £3,000 in vouchers
. Getting control back required several trips to her bank and mobile phone provider.
This story is a textbook example of why security professionals recommend moving away from SMS as your primary second factor for important accounts.
Where the scammers got Sue’s details
The BBC reports that Sue’s
phone number, email address, date of birth and physical address
were exposed in earlier breaches — including gambling platform
PaddyPower (2010)
and email validation tool
Verifications.io (2019)
. Other compilations of hacked records also included her details.
A cybersecurity analyst cited by the BBC, Hannah Baumgaertner of Silobreaker, said attackers likely used leaked personal data to conduct the SIM swap. Once they had Sue’s phone number, they could intercept security codes sent to verify identity for Gmail.
This is the “breach aftershock” problem: even if the original breach is a decade old, the data can keep circulating, being repackaged, and being used as social-engineering proof.
How small hacks scale: the market for hijacked subscriptions
The BBC story also highlights a lower-stakes but extremely common kind of cybercrime: subscription account takeover.
Fran, in Brazil, told the BBC she found someone had registered to her
Netflix
account and increased her monthly subscription — a classic “freeloader” hijack.
The article says it’s not always possible to pinpoint a single breach as the root cause. But the BBC found Fran’s email address had been exposed in at least four breaches, including
Internet Archive (2024)
,
Trellov (2024)
Descomplica (2021)
and
Wattpad (2020)
A security researcher quoted in the piece, Alon Gal of Hudson Rock, described a market for cracked streaming accounts, turning one company’s leak into ongoing abuse.
When two-factor authentication still fails
One of the most unsettling parts of modern scams is that attackers can sometimes bypass protections users assume are “enough.”
The BBC describes a small business owner, Leah, targeted by a phishing email that appeared to come from Facebook. She clicked a link, entered details on a fake Meta page, and scammers took over her business account even though she had
two-factor authentication
Attackers then posted child sexual abuse videos under her name (getting her blocked) and ran hundreds of pounds of adverts paid for by her in the three days it took to regain control (she eventually got the money back).
How can 2FA still fail? Common paths include:
Real-time proxy phishing:
the fake site relays credentials to the real site and asks for the 2FA code, using it immediately.
Session theft / token capture:
some phishing kits capture the session cookie after login.
Account recovery loopholes:
if recovery email/phone is compromised, attackers reset access without triggering normal checks.
The point isn’t that 2FA is pointless — it’s that
the strongest account is the one with multiple layers
, not a single checkbox.
The role of data brokers and “enrichment”
Even when a breach doesn’t include everything an attacker wants, criminals can combine sources.
The BBC notes that scammers often mix stolen private information with public information. Investigators described how an attacker could connect a stolen email address with a publicly listed business number to send a more convincing phishing message.
That’s what makes modern scams feel creepy: the message doesn’t look like spam. It looks like it was written
for you
The scale problem: mass breaches fuel a global scam economy
The BBC notes that several high-profile attacks in
2025
exposed millions of records, listing examples such as:
6.5 million
affected by a Co-op breach (April)
a hack affecting Marks & Spencer customers (the company did not specify how many)
400,000
Harrods customers affected
5.7 million
impacted in a Qantas hack
It also cites Proton Mail’s Data Breach Observatory:
794 verified breaches
from identifiable sources discovered so far in 2025, exposing
more than 300 million
individual records.
At that scale, criminals don’t need to be brilliant. They need to be persistent and industrial.
What companies do (and don’t do) after breaches
Victims often discover there is no standard “breach aftercare.”
The BBC reports that offering free credit monitoring used to be common, but fewer firms are doing it now. It notes that some companies did not offer these services, while Co-op offered a voucher under conditions.
The article also mentions a growing trend of class action lawsuits — though hard to win because proving individual impact is difficult — and a notable settlement: T-Mobile agreed to pay
$350m
after a 2021 breach affecting
76m
customers, with reported payments ranging from
$50 to $300
A realistic response plan if you suspect a SIM swap
Because SIM swaps are time-sensitive, it helps to have a checklist.
If your phone suddenly loses service
(and you’re not in a dead zone), treat it as urgent.
Call your carrier from another phone
and ask if a SIM transfer or number port happened.
Request an immediate lock
on further SIM changes and reset the account credentials/PIN.
Secure your primary email account
next, because it can reset everything else.
Change passwords
for banking, payment apps, and any accounts tied to SMS codes.
Check for new accounts/credit activity
in your name.
Even if the attack turns out to be a network issue, you lose little by moving fast.
Practical steps that reduce risk (without paranoia)
You can’t prevent a company you used years ago from being breached. But you can make leaked data less useful to attackers.
1) Protect your mobile account
Ask your carrier about
account PINs
, port-out locks, and extra verification.
Minimise how many services use SMS as a recovery method.
2) Use stronger authentication where possible
For your most important accounts (email, banking, password manager), prefer:
authenticator apps (TOTP)
passkeys
or hardware security keys
…over SMS codes.
3) Use a password manager + unique passwords
Credential stuffing is still cheap. Unique passwords stop one breach from unlocking everything.
4) Treat your primary email like the “root account”
If criminals get your email inbox, they can reset almost every other account. Make your email:
strongly authenticated
recovery options secured
and monitored for suspicious logins
Bottom line
Data breaches aren’t just a privacy problem — they’re the supply chain for scams. Old leaks can be combined with public information to impersonate you, steal your phone number through a SIM swap, bypass logins, and turn a single compromise into a cascade across email, financial accounts, and social profiles. The most effective defence is layered: protect your phone number, secure your primary email, and move away from SMS-based security wherever you can.
Sources
https://www.bbc.com/news/articles/czrk7gxk2l6o?at_medium=RSS&at_campaign=rss
Previous Post
Next Post
oEmbed (JSON)
oEmbed (XML)
JSON
View all posts by Admin
UK bans Coinbase ads: what it means for crypto marketing in Britain
Steam’s UK £656m lawsuit explained: what Valve is accused of and why it matters
Data breaches feed a scam economy: SIM swap attacks, hijacked Netflix accounts, and phishing that bypasses two-factor authentication. Here's how leaked personal data becomes account takeover.
Document Title
Page not found - Florin.blog
Image Alt
Florin.blog
Title Attribute
Florin.blog » Feed
RSD
Skip to content
Placeholder Attribute
Search...
Page Content
Page not found - Florin.blog
Skip to content
Home
Blog
Garden Decor
Indoor
Main Menu
This page doesn't seem to exist.
It looks like the link pointing here was faulty. Maybe try searching?
Search for:
Search
Quick Links
Outdoors
About
Contact
Explore
Bestsellers
Hot deals
Best of The Year
Featured
Gift Cards
Help
Privacy Policy
Disclaimer
: As an Amazon Associate, we earn from qualifying purchases — at no extra cost to you.
Florin.blog
Florin.blog » Feed
RSD
Search...
l Slovenščina