Police authorities warn of `` SIM swapping '' threat used for Twitter CEO account takeover



Police authorities are calling for attention as a method of stealing personal information and unauthorized access to bank accounts is coming out, changing the information linked with the phone number and SIM card in the guise of a lost mobile phone .

Ontario police warn of 'SIM swapping' fraud | CBC News

According to the co-announcement of the Ontario Ontario Police, the Ontario Major Fraud Investigation Bureau and the Canadian Fraud Control Center , the SIM swapping criminals first contacted the telecom carrier that they had lost their mobile phone, and the victim's phone number Is linked to the SIM card at hand. In this way, it has been confirmed that the criminal pretending to be a victim had withdrawn a deposit from the victim's bank account or applied for debt in the name of the victim.



Also, download the app as soon as it is available, reissue the password with the victim's account, and hijack the account of any app or service using the confirmation code sent to the stolen phone number or email address Will also be possible.

In August 2019, there was an incident in which discriminatory tweets were repeatedly generated from the account of Twitter CEO Jack Dorsey, but at this time, the technique used to hijack Dorsey's account was Presumed to be “SIM swapping”.

SIM swapping can be performed simply by identifying the victim's phone number and the communication carrier in use, but it is necessary to know the victim's personal information to some extent in order to pass the identity verification of the communication carrier. . For this reason, Ontario Police recommends that you protect your personal information by taking the following defensive measures:

・ Set all personal information to 'private', such as making the date of birth private on social media.
・ Don't respond to text messages or phishing emails that you don't recognize, even if you are asked to confirm your password or update your account information.
• Use an offline password manager.
・ Review the security settings of the communication carrier.
・ If you lose your mobile phone, notify the communication carrier immediately.

The Ontario Police said to the Canadian Broadcasting Corporation that it is important to protect personal information by saying, “Please keep intuition. If you feel a little suspicious of a text message or email, it ’s a phishing scam.” I emphasized sex again.

in Mobile,   Security, Posted by log1l_ks