Study shows top telcos are naff at fending off cellphone number hijackings
Four Princeton University eggheads have published a report showing that the five major US mobile carriers implement weak authentication techniques, leaving customers vulnerable to SIM-swapping attacks that transfer victims' phone numbers to devices controlled by scammers.
Such attacks have been a problem for years, but have become particularly damaging as more websites have implemented two-factor authentication procedures that rely on control of a given phone number. In September last year, Twitter CEO Jack Dorsey temporarily lost control of his Twitter account following a SIM-swap attack.
In a paper [PDF] titled, "An Empirical Study of Wireless Carrier Authentication for SIM Swaps," Kevin ..
Support the originator by clicking the read the rest link below.
