Bitcoin and Social media account credentials of employees at wireless phone companies have been stolen by two young men, Jordan K Milleson, and Kyell A Bryan, who live in the eastern United States. Reports claim how the employees were tricked into giving their credentials away for accessing and modifying their information.
Milleson is the resident of Timonium, Md. whereas Bryan is a resident of Kingston, Pa. According to the prosecutors, Milleson and Bryan used what is said to be phishing or vishing attacks combined with Sim swapping to hijack social media and bitcoin accounts of the employees. The complete fraud involves bribing of employees at wireless mobile phone companies.
The phishing websites set up by Jordan and Kyell mimicked the legitimate employee portals that belonged to the corresponding wireless service providers for which the employees worked. After having set up the trap, the duo then sent an email or called the employees at these providers to trick them into login at these fake portals.
The indictment states that Milleson and Bryan used phished access to reassign the SIM tied to a target’s mobile device. Using the SIM card they were able to reassign any customer’s phone number in a mobile device controlled by them.
Not only did this allow them to get control over a target’s incoming phone calls as well as text messages but also let them reset the password for their email accounts, in addition to their social media accounts and cryptocurrency accounts which were associated with their numbers.
In matters like, if a conspiracy unravels because of the dispute between the parties, it is shocking! And the case of Bryan and Jordan is indeed shocking. As per the reports, Bryan called the prosecutors on June 26th, 2019,” and falsely reported that he, purporting to be a resident of the Milleson family residence, had shot his father at the residence. During the call, Bryan, posing as the purported shooter, threatened to shoot himself and to shoot at police officers if they attempted to confront him. The call was a ‘swatting’ attack, a criminal harassment tactic in which a person places a false call to authorities that will trigger a police or special weapons and tactics (SWAT) team response — thereby causing a life-threatening situation.” as reported by the US Attorney’s Office for the District of Maryland.
Currently, the duo is facing charges of:
- Wire fraud.
- Unauthorized access to protected computers. And
- Aggravated identity theft and wire fraud conspiracy.
Sources who are actively involved in this investigation confirm how these two men were active members of OGusers that is an online forum catering to people selling access to hijacked social media accounts. Although the indictment doesn’t mention the wireless companies who were targeted by phishing and vishing schemes, sources also allege how these two men are part of a larger conspiracy that involves individuals from the United States and the United Kingdom.