SIM swap attacks is a hacking technique where hackers socially engineer cell phone providers to steal a victim’s phone number. That means that hackers get the victim’s text messages and phone calls.
While two factor authentication is not used by the majority of people, when it is used, the most common form of two factor is text messages. That means that if a hacker can hijack your phone number, he or she will get those text messages and, in combination with a stolen password, can compromise your your bank account.
In this case, law enforcement in England, Scotland, Malta and Belgium, assisted by Europol, The US, and Canada, arrested ten kids (ages 18 to 26) for hijacking US celebrities phones in order to compromise their Bitcoin accounts.
Celebrities often have bad security because, well, they are celebrities and they don’t have to ….
Of course, now that their net worth is $100,000,000 lighter they might want to reconsider that theory.
For you and me, $100 is about my limit; maybe less.
There plenty of alternatives to text messaging for your second factor from the fancy end with RSA hardware tokens, to the plain version of software tokens. With any of them, unless the hacker physically steals your phone while it is unlocked, any of these alternatives are better than text messages.
Now the next thing is to get providers to stop allowing you to do a password reset by sending you an email or a text message for the same reason.
Security or convenience, pick one. Credit: The Record