Experts Comments On Two-factor Authentication Obsolete In The Face Of SIM Swapping Attacks

In a blog post, security researchers said that many mobile operators aren’t asking the difficult security questions to ensure the caller is the legitimate mobile phone user.

Researchers pointed to a particular Princeton study, where researchers made around 50 attempts across five North American prepaid telecom companies to see if they could successfully port a stolen number (their own) to a SIM card.

The research showed that in most cases a threat actor only needs to answer one question right when questioned by their customer service representative reset the password on the account and port the number over.

Thanks to the Courtesy of :

Leave a Reply