BC Woman Loses $500K in Bitcoin SIM Swap Fraud: Lawsuit Filed
B.C. Woman Ordered to Settle SIM Swap Fraud Case Outside Court
Allegations of a Major Cryptocurrency Theft
A British Columbia woman, Raelene Vandenbosch, has been directed by a judge to resolve her lawsuit regarding a significant loss of bitcoin, valued at approximately $530,000, due to a SIM swap fraud scheme. Vandenbosch initiated legal action in 2023 against her mobile service provider and a kiosk company in Quebec after a fraudster impersonated a technician to deceive a kiosk employee, ultimately accessing customer records from Rogers Communications.
Details of the Fraudulent Scheme
The lawsuit names several parties, including Rogers Communications, Match Transact Inc. (the kiosk’s parent company), a “John Doe Mobile Clerk,” and a “John Doe Hacker.” According to a ruling issued in June by the Supreme Court of British Columbia, the hacker successfully persuaded the kiosk clerk to enable screen sharing, which granted access to Rogers’ customer database, including Vandenbosch’s sensitive information.
Justice Anita Chan noted that the hacker executed a SIM swap on Vandenbosch’s account, allowing them to take control of her phone number and access her phone and internet services, including her cryptocurrency accounts. Following this unauthorized access, the hacker swiftly transferred bitcoin from two of her accounts, with the stolen bitcoins initially valued at around $534,530, later surging to an estimated $1 million shortly after the theft.
Understanding SIM Swap Fraud
Roger Gale, an expert in digital transformation and cybersecurity at the British Columbia Institute of Technology (BCIT), explained that a SIM swap is a fraudulent tactic where a scammer transfers a victim’s phone number to a new SIM card under their control. Gale elaborated that the goal of a SIM swap is to shift the victim’s number from their current SIM to one that the fraudster has manipulated at a kiosk.
This type of scam can compromise two-step authentication processes, making it easier for hackers to gain unauthorized access to accounts.
Challenges in Recovering Stolen Cryptocurrency
Recovering stolen cryptocurrency is notoriously difficult, as Gale pointed out. Once the cryptocurrency is transferred from the victim’s wallet to that of the hacker, the transaction is recorded, but the wallet itself is often untraceable back to the perpetrator. This anonymity complicates efforts to identify the thief or reclaim the stolen assets.
Legal Proceedings and Arbitration
Vandenbosch is pursuing damages against Rogers for alleged breaches of privacy, contract violations, negligence, and statutory claims under the Business Practices and Consumer Protection Act (BPCPA). In response, Rogers and Match Transact Inc. contended that the lawsuit should be paused in favor of arbitration for all claims except those under the BPCPA.
Rogers sought to invoke an arbitration clause from its wireless service agreement. Justice Chan agreed to stay the lawsuit, directing the matter to arbitration. A representative from Rogers did not confirm the timeline for the arbitration process, and Match Transact Inc. did not respond to inquiries for comment.
Industry Response to SIM Swap Threats
The Canadian Telecommunications Association (CTA) acknowledged the seriousness of SIM swap fraud and stated that while telecom companies have implemented measures to reduce such incidents, they would not disclose specific strategies to safeguard against hackers. A CTA spokesperson emphasized that their members are committed to enhancing security protocols to protect Canadians as fraud tactics evolve.
