number port-out scams – Computer Security Articles

U.S. Mobile Giants Want to be Your Online Identity

September 12, 2018 admin A Little Sunshine, AT&T, International Computer Science Institute, Johannes Jaskolski, LocationSmart, Nicholas Weaver, number port-out scams, Project Verify, Security Tools, Securus Technologies, SIM swap, Sprint, T-Mobile, The Coming Storm, UC Berkeley, Verizon

Credit to Author: BrianKrebs| Date: Wed, 12 Sep 2018 20:58:31 +0000

The four major U.S. wireless carriers today detailed a new initiative that may soon let Web sites eschew passwords and instead authenticate visitors by leveraging data elements unique to each customer’s phone and mobile subscriber account, such as location, customer reputation, and physical attributes of the device. Here’s a look at what’s coming, and the potential security and privacy trade-offs of trusting the carriers to handle online authentication on your behalf.

Independent Krebs

Florida Man Arrested in SIM Swap Conspiracy

August 7, 2018 admin A Little Sunshine, AT&T, Coinbase, Gemini Trust, Joel Ortiz, motherboard, Ne'er-Do-Well News, number port-out scams, Ricky Handschumacher, SIM swap scams, T-Mobile, The Coming Storm, trezor, Tyler Winklevoss

Credit to Author: BrianKrebs| Date: Tue, 07 Aug 2018 19:27:23 +0000

Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud ring that hijacked mobile phone numbers in online attacks that siphoned hundreds of thousands of dollars worth of bitcoin and other cryptocurrencies from victims. On July 18, 2018, Pasco County authorities arrested Ricky Joseph Handschumacher, an employee of the city of Port Richey, Fla, charging him with grand theft and money laundering. Investigators allege Handschumacher was part of a group of at least nine individuals scattered across multiple states who for the past two years have drained bank accounts via an increasingly common scheme involving mobile phone “SIM swaps.”

Independent Krebs

Reddit Breach Highlights Limits of SMS-Based Authentication

August 1, 2018 admin 2fa, Authy, data breaches, google, Google Authenticator, number port-out scams, Reddit breach, Security Keys, Security Tools, totp, twofactorauth.org, Yubico

Credit to Author: BrianKrebs| Date: Thu, 02 Aug 2018 00:55:17 +0000

Reddit.com today disclosed that a data breach exposed some internal data, as well as email addresses and passwords for some Reddit users. As Web site breaches go, this one doesn’t seem too severe. What’s interesting about the incident is that it showcases once again why relying on mobile text messages (SMS) for two-factor authentication (2FA) can lull companies and end users into a false sense of security.

Independent Krebs

T-Mobile Employee Made Unauthorized ‘SIM Swap’ to Steal Instagram Account

May 18, 2018 admin A Little Sunshine, instagram, Latest Warnings, number port-out scams, Paul Rosenzweig, SIM block, SIM PIN, SIM swap, T-Mobile, The Coming Storm

Credit to Author: BrianKrebs| Date: Fri, 18 May 2018 18:35:24 +0000

T-Mobile is investigating a retail store employee who allegedly made unauthorized changes to a subscriber’s account in an elaborate scheme to steal the customer’s three-letter Instagram username. The modifications, which could have let the rogue employee empty bank accounts associated with the targeted T-Mobile subscriber, were made even though the victim customer already had taken steps recommended by the mobile carrier to help minimize the risks of account takeover. Here’s what happened, and some tips on how you can protect yourself from a similar fate.