Five people have been arrested in France for their alleged involvement in a massive phishing campaign that used an IMSI-catcher to siphon phone numbers and personal data. The suspects are accused of sending over 420,000 fraudulent SMS messages directing victims to a fake health insurance website to steal their personal and financial data.
The IMSI-catcher phishing operation
The mode of operation of the phishing campaign is notable for the use of an IMSI-catcher, an intrusively powerful tool used by intelligence agencies and law enforcement to intercept communications on mobile networks. The IMSI-catcher mimics a mobile network’s base station and captures exchanges between users and the network. It was reportedly purchased for around €20,000 by one of the suspects.
The suspects allegedly sent over 420,000 fraudulent SMS messages to victims, leading them to a fake health insurance website. The website was designed to steal personal and financial data, including social security numbers and bank card information.
The arrests and legal proceedings
The suspects are two managers of a digital marketing firm based in Neuilly-sur-Seine and a technician, who are accused of using the IMSI-catcher to gather phone numbers and personal data to develop a “system of sending advertising messages” to mobile devices. The two drivers who assisted in the operation are under judicial control. Following a search of their premises, three vehicles, a motorcycle, eight computers, twelve mobile phones, a tracker, a few thousand euros, and three diamonds were seized.
The suspects have been charged with fraud, unauthorized use of frequencies or radio installations, and computer hacking. The two managers and the technician are in custody, while the two drivers are under judicial control.
The use of an IMSI-catcher in a phishing campaign is a concerning development, as these devices are normally only used by intelligence agencies or law enforcement. It highlights the need for greater regulation of these tools and increased awareness of the risks associated with mobile phone use. The arrests of the suspects in this case serve as a warning to others who may attempt similar tactics.