There’s a lot to think about when you or your employees get new mobile phones — plans, hardware, cost. But one thing many people don’t think about is number recycling, a common practice among providers. Take a look at how it enables some of the lesser-known cell phone cyberattacks.
What Can Someone Do with My Phone Number?
Many readers have heard of a SIM swap scam before. It’s a type of social engineering attack where a malicious actor attempts to gain control of a victim’s mobile phone number. They do this by calling up a mobile phone carrier and pretending to be the victim. Once they’ve connected to a customer support representative, they tell a sob story about a lost device or broken phone. Their goal: to trick the company into porting the victim’s phone number onto another device. Success means that the attacker can now receive calls and text messages, including text-based two-factor authentication (2FA) codes for their victims.
But success isn’t guaranteed. Many mobile phone carriers require customers to protect their accounts with a PIN. When a customer tries to make changes to their account, they will need to provide their PIN. That authentication mechanism makes it difficult for an attacker. Without knowing a customer’s PIN, they will need to convince someone to overlook protocol by not requiring a PIN.
But what if attackers didn’t have to go to ..
Support the originator by clicking the read the rest link below.
