Sim Card Hi-jacking

What is it?

With the extra method of securit of enabling a second factor for authentication other than a password, attackers are looking at seeing how easy it is to social engineer this. Sometimes the factor is recieving a text message or call to a mobile phone. If the attacker can call up your cell provider and pretend to be you , they can move your number to their simcard and get your password reset!

Look at the video below to show you how easy this is when the attacker has no or the incorrect imformation!

How can I protect from it?

1) If  you can try and use an App insteaf of a text message for your second factor. As long as your phone is properly secured and encrypted and also the backup is , it will be near impossible for an attacker to exploit this.

2) If you have to enable a txt message or a phonecall as your second factor , make sure your provider has undergone strict processes nessesary before moving the number to a new sim card.