|
SIM hacking-How they get call history & payment history
01-13-2020, 06:31 PM
|
#1
|
gone traveling
Join Date: Dec 2010
Posts: 538
|
SIM hacking-How they get call history & payment history
How can researchers (and hackers) get access to a victim's call history and payment history? By manipulating it. They can text multiple people fake offers that seem too good to refuse, until one person calls back. Now they have a recently called number. If the call happens to be from a prepaid account, the hacker has hit the jackpot because they can go to a convenience store, buy a refill card for a few dollars and then use it to refill that victim's account. Now the hacker has payment history. The next step is to call the carrier and request a SIM swap.
FULL ARTICLE:
https://www.lightreading.com/new-sim...d/d-id/756780?
|
|
|
|
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!
Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!
You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!
|
01-13-2020, 07:39 PM
|
#2
|
Thinks s/he gets paid by the post
Join Date: Mar 2008
Location: Jalisco, Mexico
Posts: 1,747
|
Good advice here from Wired:
https://www.wired.com/story/sim-swap...-defend-phone/
I recently changed my major banking and important passwords to super-long generated passwords, added 2FA using an authentication app where possible, and added a PIN and separate longer PIN to my phone number on Telcel. As much of a pain as it was, that's how much this SIM swap thing bugged me. Literally all they need to have is your phone number and they can do the rest without you ever knowing...
|
|
|
01-13-2020, 10:32 PM
|
#3
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jul 2009
Posts: 5,308
|
Bongleur -- I saw that article and it was super scary. Particularly since I use 2FA using my phone all the time. And, it seems very difficult to combat this.
|
|
|
01-14-2020, 05:35 AM
|
#4
|
Thinks s/he gets paid by the post
Join Date: Jul 2009
Posts: 1,934
|
I take the SIM-swap threat very, very seriously.
__________________
And if I claim to be a wise man, it surely means that I don't know.
|
|
|
01-15-2020, 10:21 PM
|
#5
|
Recycles dryer sheets
Join Date: Sep 2016
Posts: 342
|
I find SMS based authentication troublesome because I am sometimes without service or traveling and using a different SIM/phone number. I think device based apps like the mentioned "Google Authenticator" which appear to function much like earlier security token devices are a better solution. But there is still the problem of how to best recover if the smartphone is lost/stolen or dies; I am not sure how apps like Google Authenticator or Symantec’s Validation and ID Protection (VIP) handle that situation.
|
|
|
01-16-2020, 05:08 AM
|
#6
|
Moderator
Join Date: Feb 2010
Location: Flyover country
Posts: 25,362
|
Quote:
Originally Posted by triangle
there is still the problem of how to best recover if the smartphone is lost/stolen or dies; I am not sure how apps like Google Authenticator or Symantec’s Validation and ID Protection (VIP) handle that situation.
|
Obviously they can't handle that. But the financial institution has every reason to get you back into your account so they will work to facilitate it on a phone call. That's why you set up security questions, and as discussed in another thread the voice recognition systems used today are quite good at identifying you as long as you have that feature set up.
__________________
I thought growing old would take longer.
|
|
|
01-16-2020, 07:21 AM
|
#7
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jul 2006
Location: Pacific latitude 20/49
Posts: 7,677
|
I switched to VOIP voice for 2fa. One extra step on my cell phone for peace of mind.
__________________
For the fun of it...Keith
|
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
» Recent Threads
|
|
|
|
|
|
|
|
|
|
|
|
|
» Quick Links
|
|
|