National Police in Valencia have arrested a 31-year-old man on charges of two counts of fraud and identity theft. He is accused of defrauding about 18,500 euros by duplicating SIM cards and using stolen personal data to withdraw or purchase money from customers at the store where he worked, with the aim of buying a mobile terminal. The case highlights how contactless and mobile payment methods can be misused when proper checks are not in place. Police sources confirm the charges stem from a pattern of illicit activity centered on exploiting customer information and compromised mobile lines.
Investigators began focusing on the matter after receiving several complaints that contained incidental details linking the incidents to the same Valencia establishment. The complaints showed a recurring set of behaviors and timelines, prompting a closer look at the store’s operations and the staff involved. The information collected by officers pointed toward a coordinated scheme where financial data and SIM card manipulation played central roles.
A scam of about 20,000 euros
During the initial fact-finding, authorities uncovered a scheme in which a duplicate SIM card was used to access accounts and then authorizations were made to withdraw or purchase using the victim’s bank details. The total losses traced through the investigation reached 16,300 euros in direct withdrawals and 2,200 euros in purchases. A key detail revealed that the same stolen data had been used to secure a mobile terminal, tying the illicit activity to the acquisition of equipment that could enable further fraud or resale. This breakdown illustrates how fraud can scale quickly when multiple data points are combined to bypass standard security steps.
As part of the on-site reviews, investigators cross-checked workplace footage with records from various locations where withdrawals and purchases occurred. This process helped confirm that the same individual had access to customer data and used it to facilitate fraudulent transactions. The officers also noted purchases made with prepaid cards that could be converted into the cryptocurrency of choice, allowing a degree of anonymity and reducing the need to link activities to a bank account. Such details emphasize the evolving tactics used by fraudsters to mask their actions and complicate tracing efforts.
Further inquiries led to the identification of the suspect, described as an employee of a Hispanic organization recognized by the victims as the person who handled them. The man is alleged to have copied SIM cards, a move that would enable him to intercept verification codes and continue to access victims’ accounts. The case has attracted attention due to the technical nature of the SIM duplication and the apparent ease with which personal data can be exploited when security measures are not consistently enforced across devices and networks.
Authorities arrested the defendant on charges of two counts of fraud and another count of identity theft. Police sources note that the suspect has a prior police record involving similar incidents and that he has already appeared in court. The case underscores the importance of vigilance among retailers and customers alike in protecting personal information and ensuring that staff practices do not expose users to preventable risk. The ongoing investigation seeks to determine the full scope of losses and the exact sequence of events that allowed the fraud to unfold.
How does this scam work?
The fraud described as a SIM swap involves duplicating a person’s SIM card and, in turn, impersonating their identity to obtain a copy. Once a second SIM is active, the attacker can intercept messages and verification codes that would normally protect access to accounts. The scheme hinges on convincing the mobile operator or the account provider to issue or authorize a new SIM without triggering alarms or extra checks.
When the victim experiences service interruption, the perpetrator can seize control of the victim’s number and use it to access personal information hidden behind verification steps. Criminals often combine this technique with data theft, enabling them to perform unauthorized transactions before the victim notices irregular activity on bank statements or account logs. The method demonstrates why it is essential for both consumers and businesses to enforce multi-factor authentication and to monitor unusual patterns in SIM management and account access.
Law enforcement officials stress that quick reporting of suspected SIM activity and irregular banking transactions can reduce damage and improve the chances of recovering funds. Businesses are advised to implement strict procedures for handling customer data, verify identity with multiple checks, and train staff to recognize telltale signs of social engineering and data misuse. Consumers should be wary of unsolicited requests for verification codes or personal information, and they should review account activity regularly for unfamiliar withdrawals or charges. The Valencia case serves as a cautionary tale about how a compromised SIM and stolen data can line up to produce meaningful losses and disrupt everyday digital life for many customers.