SIM swappers have adapted their attacks to steal a target’s phone number by porting it into a new eSIM card, a digital SIM stored in a rewritable chip present on many recent smartphone models.
SMS 2FA needs to die. It’s infuriating that a lot of banks still rely on sms.
I can’t use my shitty banks shitty app because I refuse to use Googles shitty android skin. So I have to use shitty SMS because they don’t support any other authentication
Man, that’s shitty.
Hear, hear!
deleted by creator
From the text:
Now, attackers breach a user’s mobile account with stolen, brute-forced, or leaked credentials and initiate porting the victim’s number to another device on their own. They can do this by generating a QR code through the hijacked mobile account that can be used to activate a new eSIM. They then scan it with their device, essentially hijacking the number.
No need for social engineering.
