SIM Swapping & Carding Criminal Defense Lawyers

When they clone your SIM and drain your account. Technical defense and specialized bank claims

Last updated: 13 June 2026

SIM Swapping: The Fraud That Drains Your Account in Minutes

SIM Swapping is one of Spain's fastest-growing frauds. The method is precise: criminals obtain your personal data (name, ID, phone number) through phishing, leaked databases, or social media surveillance. With that data, they call your carrier impersonating you and request a SIM duplicate.

The moment the new SIM activates, your phone loses signal and all SMS — including bank OTP codes — go to the criminal. Within minutes, they access your online banking and drain accounts through immediate transfers or crypto purchases.

Dual Approach: Defense & Victim Claims

shield

If ACCUSED

• Money mule defense: absence of intent (fake job offer)
• IP attribution challenge and digital evidence
• Chain of custody of seized devices

gavel

If VICTIM

• Bank claim (PSD2): refund of unauthorized operations
• Civil lawsuit against carrier for negligence
• Fund tracing and freezing (crypto and fiat)

ART. 248Carding: Card Fraud

Carding encompasses the full spectrum of card fraud: from skimming (ATM cloning) to buying/selling card data on the dark web. Data is used for fraudulent online purchases, often shipped to "drops" (transit addresses).

Skimming

Card cloning at ATMs or tampered POS terminals. 6 months to 3 years prison

Dark Web

Purchasing dumps (magnetic strip data) and CVVs on underground forums

Drops

Fake shipping addresses or intermediaries receiving and forwarding products bought with stolen cards

sim_card

Why Alonso Sala for SIM Swapping?

securityBlockchain traceability experts for crypto tracing.
securityPSD2 claim experience against banks: Santander, BBVA, CaixaBank.
securityCivil lawsuits against carriers for negligent SIM duplicates.
securityTechnical defense of 'mules' recruited through social engineering.

Cybercrime in Spain: Hacking, Phishing & Digital Fraud — Defence Guide

Cybercrime encompasses illegal access to computer systems (Art. 197 bis CP), computer damage and ransomware (Art. 264 CP), phishing and digital fraud (Art. 249.1.a CP), and the production or distribution of hacking tools (Art. 197 ter). Spain's prosecution of cybercrime has intensified dramatically, with specialised units in the National Police (BIT) and Guardia Civil (GDT) leading investigations. Defence requires a unique combination of criminal law expertise and advanced technical knowledge.

Penalty Table: Cybercrime

Offence	Article	Description	Penalty
Illegal access to systems	Art. 197 bis	Unauthorised access breaching security measures	6 months – 2 years
Interception of data	Art. 197 bis.2	Intercepting non-public data transmissions	3 months – 2 years
Production/supply of hacking tools	Art. 197 ter	Creating or distributing tools designed for cybercrime	6 months – 2 years
Computer damage (basic)	Art. 264.1	Deleting, damaging or making data inaccessible	6 months – 3 years
Aggravated damage (critical infrastructure)	Art. 264.2	Affecting essential services or critical infrastructure	2 – 5 years prison
Cyber fraud (phishing)	Art. 249.1.a	IT manipulation to obtain unlawful transfer of assets	6 months – 3 years

Key Defence Strategies

IP Attribution Challenge

An IP address does not identify a person. Shared Wi-Fi networks, VPNs, Tor exit nodes and NAT configurations mean multiple users may share one IP. The prosecution must prove the accused was the actual user at the relevant time.

Chain of Digital Custody

Digital evidence is extremely fragile. If the police failed to image the hard drive with a write-blocker, if hash values don't match, or if evidence was handled improperly, the defence can seek exclusion of the entire digital evidence chain.

Authorised Security Testing

Ethical hacking and penetration testing carried out with the system owner's authorisation is legal. If the defendant had a written engagement contract, bug bounty agreement or responsible disclosure policy, there is no criminal offence.

Lack of 'Breaching Security Measures'

Art. 197 bis requires that security measures were breached. If the system had no password, no firewall, or the access point was public, the element of 'breaching security' may be absent, negating the offence.

Key Case Law

Doctrina TSElements of illegal access (Art. 197 bis)

The Supreme Court confirmed that 'access' requires effectively entering the system, not merely attempting it. The prosecution must prove: (1) access occurred, (2) it was unauthorised, and (3) security measures were breached. Port scanning alone does not constitute the offence.

Doctrina TSRansomware as combined offence

The Court ruled that ransomware attacks may constitute a concurrent offence of computer damage (Art. 264) and extortion (Art. 243 CP). The encryption of data satisfies the 'damage' element even if data is technically recoverable upon payment.

Doctrina TSPhishing and the 'money mule' defence

In phishing operations, the Court distinguished between the organiser and the 'money mule' (account holder). The mule's liability depends on proof of knowledge that the funds were illicit. Wilful blindness may suffice, but mere negligence does not.

quiz

SIM Swapping & Carding FAQs

What exactly is SIM Swapping?expand_more

It's a fraud technique where the criminal gets the phone carrier to issue a duplicate of your SIM card. With it, they receive your bank SMS (OTP codes) and drain your accounts. It combines social engineering against the telecom with banking fraud.

Can I claim from the bank if my account is drained?expand_more

Yes. The PSD2 Directive establishes that the bank is liable if the transaction was not authorized by effective two-factor authentication. If the bank failed to detect the anomaly (new SIM, unknown IP), it must refund the money.

Is the phone carrier at fault?expand_more

Possibly. If the carrier issued a SIM duplicate without properly verifying identity (no physical presence, no documentation), it constitutes negligence. Civil case law has recognized carrier liability for fraudulent duplicates when verification failures are proven.

What crimes are committed in SIM Swapping?expand_more

Several combine: Computer fraud (Art. 248 CP), identity theft, illicit data access (Art. 197 bis), and frequently money laundering if funds are moved to crypto or third-party accounts.

What is 'Carding'?expand_more

It's the fraudulent use of stolen credit card data for online purchases. Data is obtained through ATM skimmers, phishing, or leaked databases on the dark web.

Can I be accused of SIM Swapping for receiving money?expand_more

Yes. If you received transfers from SIM Swapping victims and forwarded them (as a 'mule'), you may be charged with necessary cooperation in fraud or laundering. Our defense proves absence of intent: you were recruited with a fake job offer.

How can I protect myself from SIM Swapping?expand_more

Activate a custom PIN/PUK with your carrier, use app-based authentication (Google Authenticator) instead of SMS, and ask your bank for email alerts on any transaction. If your phone loses signal for no reason, call your carrier immediately.

Are cryptocurrencies obtained through SIM Swapping traceable?expand_more

Yes. We work with blockchain traceability experts (Chainalysis, CipherTrace). Even if money moves through multiple exchanges and wallets, the blockchain is public and transactions are permanent.

How long do these cases take to resolve?expand_more

Police investigation usually takes 6-18 months, depending on complexity (international carriers, crypto). The trial phase can extend another year. The key is acting quickly to freeze the funds.

What is the penalty for SIM Swapping?expand_more

Aggravated computer fraud (for using computer manipulation) carries 1-6 years prison. If organized or damage exceeds €50,000, penalties increase considerably.

Looking for a SIM Swapping Defense Lawyer in Spain?

As a national law firm, we offer specialized criminal defense in SIM Swapping, Carding, and banking card fraud. We act both as private prosecution for victims and in the defense of the accused, with technical rigor and forensic expertise from day one.

We also serve

Madrid Alicante Marbella Seville Málaga Bilbao Zaragoza

View all locations →

listTable of Contents

shieldClaves de la Defensa: SIM Swapping & Carding Criminal Defense Lawyers

No Intent

Bank mule recruited with fake job → victim, not perpetrator.

Carrier Negligence

SIM duplicate without ID verification → carrier civil liability.

Bank Liability

PSD2: unauthorized operation with weak authentication → bank liable.

gavelElementos del Delito

check_circleSocial Engineering:Deceiving the carrier to obtain SIM duplicate (Art. 248 CP).
check_circleIllicit Access:Using intercepted OTP codes to access online banking (Art. 197 bis).
check_circleTransfer:Account draining through fraudulent transfers or crypto purchases.

gavelConsecuencias Penales

Prison 1-6 years

Aggravated computer fraud (Art. 249 in connection with Art. 250 CP).

Civil Liability

Full restitution of defrauded amount + interest.

Forfeiture

Seizure of devices, crypto, and linked funds.

call

SIM Swapping Victim?

Act NOW. Every minute counts to freeze funds and claim from the bank.

Urgent Contactarrow_forward

linkDelitos Relacionados

account_treeCybercrime

Explore all practice areasarrow_forward

Do you need specialised legal assistance?

The judicial system is complex. We have the criminal-law specialisation and technical resources required to take on the defence.

Contact Alonso Sala

Call: +34 91 078 65 74