cross-posted from: https://midwest.social/post/9868784

SIM swappers have adapted their attacks to steal a target’s phone number by porting it into a new eSIM card, a digital SIM stored in a rewritable chip present on many recent smartphone models.

  • waratchess@lemm.ee
    link
    fedilink
    English
    arrow-up
    18
    arrow-down
    1
    ·
    9 months ago

    From what I understand, the attackers steal your number by gaining access to your phone carrier account.

    They can gain access to your account either by finding your info in a data breach, or by phishing the account details from you.

    That’s why they say that you need to setup a strong password with 2FA for your phone carrier account to protect yourself from this kind of attack.

    • Chozo@fedia.io
      link
      fedilink
      arrow-up
      13
      ·
      9 months ago

      That makes more sense. In which case, yeah this is just basic account security 101 stuff. Certain accounts in life you need to treat with extra security, and until we can wean society off of insecure SMS authentication services, your phone account is one of those that needs extra care put into it.

    • AA5B@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      9 months ago

      I was going to say, I’ve never needed to talk to my phone provider with a new eSIM, i just need to login to the app and confirm. That makes it the obvious route for sim stealers

      Remember this, next time some says “I don’t need a good password. What are they going to do, pay my phone bill?”