A man from the San Fernando Valley, California, has been sentenced to over five years in federal prison after orchestrating significant fraud operations that targeted many victims, including a number of elderly individuals.
Oren David Sela, 36, managed to steal an email account, hijack a phone number through sim swapping, and used the victim’s identity to withdraw more than $1.8 million from bank accounts.
So, how did this scheme operate, and what steps can people take to avoid falling victim to similar attacks?
What is SIM Swapping?
SIM swapping is, effectively, a form of identity theft where a scammer tricks a mobile carrier into switching a phone number to a new SIM card under their control. By gaining access to the victim’s number, they can intercept text messages containing verification codes, allowing them to access bank accounts, emails, and more.
Scammers usually deploy one of two main tactics to achieve sim swaps:
- Social Engineering: They pose as the victim, contact customer support, and claim their phone is lost or stolen to persuade the carrier to activate a new SIM with the victim’s number.
- Insider Threats: Sometimes, scammers may bribe or deceive employees at mobile carriers to circumvent standard verification checks.
Once they control the number, they can:
- Receive all incoming calls and texts
- Reset passwords for email and bank accounts
- Bypass security alerts that are sent to the phone
- Lock the legitimate user out of their own accounts
In short, SIM swapping can turn a phone number into a master key for identity theft and financial loss.
Details of the $1.8 Million Fraud Scheme
Between November 2021 and October 2023, Sela appropriated personal information, including debit and credit card details, social security numbers, and driver’s licenses, from various locations, notably Beverly Hills, California.
Using this data, Sela executed SIM swap attacks to bypass two-factor authentication (2FA), which subsequently allowed him to:
- Access victims’ online banking and financial accounts
- Open new fraudulent accounts in victims’ names
- Transfer stolen funds to an intermediary account he controlled
- Order new debit and credit cards linked to victim accounts
He attempted to steal close to $2.6 million, successfully obtaining at least $1.8 million.
A Lavish Lifestyle and Consequence
Sela lavishly spent his stolen funds on luxury items. In 2022, he was arrested in Beverly Hills and found in possession of nearly $25,000 in cash, along with expensive gems and numerous fraudulent cards belonging to older victims. Even after his arrest, he continued his fraudulent activities.
Law enforcement conducted two searches of his properties in 2022 and 2023, uncovering over $70,000 in cash, stolen mail, fake IDs, and banking information tied to numerous victims.
In October 2024, Sela pleaded guilty to bank fraud and identity theft and was sentenced on April 22, 2025, to 61 months in federal prison, along with restitution of $1,818,369.
Why SIM Swapping is Dangerous
For all the good it does, two-factor authentication only works effectively if an attacker doesn’t have access to your phone. When a scammer takes control of your number, they can easily intercept 2FA codes and gain quick control over your accounts.
Once inside your email or banking app, they can:
- Reset passwords
- Transfer money
- Lock you out
- Open new lines of credit in your name
What’s disconcerting is that they may not even need your password if they control your phone number.
How to Protect Yourself from SIM Swapping and Identity Theft
Here are some important steps to help safeguard your information:
1. Monitor Your Accounts: Regularly check your bank and credit card statements for unauthorized transactions. Report anything suspicious right away.
2. Lock Your SIM Card: Set up a PIN with your mobile carrier. This prevents anyone from switching your number without your consent.
3. Be Cautious with Personal Information: Limit what you share online, particularly on social media, as scammers can use trivial details to impersonate you or answer security questions.
4. Add a Fraud Alert: Contact any of the major credit agencies and request a fraud alert. This complicates efforts for identity thieves to open accounts in your name.
5. Check Your Credit Report: Obtain a free copy of your credit report and scrutinize it for inaccuracies or potential fraud.
6. Freeze Your Credit: A credit freeze can prevent new accounts from being opened in your name without your permission, and it’s free to set up.
7. Use an Authentication App: Consider switching to an app for two-factor authentication, like Microsoft Authenticator or Google Authenticator, instead of relying on SMS codes which can be intercepted.
8. Strengthen Your Passwords: Create strong, unique passwords for each of your accounts, and think about using a password manager for better security.
9. Invest in Identity Theft Protection: Companies that monitor personal information can alert you if your details are being sold on the dark web or used elsewhere fraudulently.
10. Be Wary of Phishing Attempts: Remain vigilant against emails, texts, or calls that solicit personal information. Always verify the source before sharing sensitive details. Strong antivirus software can help filter out harmful links and detect threats.
Key Takeaways
If a scammer can hijack your phone number, they can very well access your money, accounts, and even your identity. SIM swapping poses a genuine threat as it shortcuts your robust defenses. Taking proactive measures today can help protect your mobile phone, financial accounts, and personal details. Small actions can make a significant difference in preventing devastating financial loss.
