Of course, the figure is nowhere near the $ 35 million it could lose if it does not make adjustments to its advertisements. But thanks to what a ruling by the São Paulo State Court of Justice called failure to provide services, the operator will have to pay $ 20,000 to a consumer.
The client had her line cloned and thanks to this an attacker got access to her WhatsApp. Through it he gained access to full conversations and used the victim’s contact list to ask for money impersonating her.
When she found out, she contacted the company, which recommended that she change numbers. The consumer upheld the decision but soon saw the problem recur, with the criminal making use of the same practices.
Therefore, it was determined that Claro should pay an indemnity of R $ 5,000 to the victim. She, however, found the amount insufficient and requested that it be increased to $ 30,000. The TJ-SP then reached a middle ground and set the payment at $ 20,000.
There is no information on how the attacker repeatedly gained access to the consumer’s telephone data. What this story seems to indicate is that it was not a case of SIM Swap, a social engineering crime, seeking enough information about a target to forge a call-center call and request migration of the line to another chip.
Recommended: Face ID for Macs reappears in Apple patent with extra features
Today’s networks have known flaws that can be exploited by knowledgeable criminals, especially thanks to the SS7 protocol. It is a kind of bridge between mobile phone networks and can be distorted for SMS message interception and call redirection.
Claro did not comment on the episode.