Tag Archive for: TMobile

Cyber-risk expert talks about latest T-Mobile security hack

The bad guys take control. Then they call your phone company and tell them they want to switch your information to a new phone.


Tech security expert warns about sim card scam on T-Mobile customers

It’s Deja Vu for some T-Mobile customers. In August, hackers exposed 50 million customers’ data.

Now there is another issue.  The bad guys finding a way to swap your SIM cards.

How scammers take control of your phone number

Cyber risk expert David Derigiotis with Burns & Wilcox explained how it works.

“Your phone essentially goes dead and the attacker ports out your number to their device and now they start receiving all of your calls, all of your text messages,” Derigiotis said.

The bad guys take control.  Then they call your phone company and tell them they want to switch your information to a new phone.

“The other is, good old-fashioned social engineering,” he said. “They called, they trick the individual pretend that they are you. And they’re asking to port out that number and they’re able to simply do that by deceiving and tricking which is social engineering, taking advantage of that human element.”

Dangers of SIM card swapping

Here’s the real danger. Many of us have authentication for other programs on our computers tied to our phones.  So, think about it.  You try to get into a program on your laptop, it pushes an authentication message to the cellphone the crooks now have in their control.

“If you’re using the text message as a second form of authentication for logging into an account whether it be a banking, email, whatever it may be,” Derigiotis said. “They got access to that second authentication mechanism. That’s what happened to a number of individuals.”

How to protect yourself from T-Mobile scam

So, the best advice, double down on safety around your cell.

“What everyone should do is stop using their cell phone number, stop using that text as a second form of authentication,” he said. “Because we see right here, this is the real weak spot, and breaking through that, and being able to get into an online account.

“I think it’s more important to use some type of app-based authentication, they have different forms out…


Mobile Security for Enterprise: Samsung, MobileIron & EE

Another T-Mobile cyberattack reportedly exposed customer info and SIMs

T-Mobile has suffered another cyberattack after being rocked by a massive data breach in August. This time around, attackers accessed “a small number of” customers’ accounts, according to documents posted by The T-Mo Report.

According to the report, customers either fell victim to a SIM swapping attack (which could allow someone to bypass SMS-powered two-factor authentication), had personal plan information exposed, or both. The document shows that the customer proprietary network information that was viewed could’ve included customers’ billing account name, phone and account number, and info about their plan, including how many lines were attached to their account.

This summer, the carrier confirmed that a data breach exposed almost 50 million customers’ data, with the attacker accessing social security numbers, names, and dates of birth. (A person who claimed to be the hacker went on to call the company’s security practices “awful.”) The information reportedly exposed in December’s breach is less sensitive (and the documents say the customers who had their SIMs swapped have regained access), and is likely not as large in scope. We weren’t able to find widespread reports from customers that said they’d received notification letters.

T-Mobile’s support account has seemingly confirmed that there was a breach, responding to people on Twitter to say that it’s taking “immediate action” to help individuals who were put at risk by the attack. The company didn’t immediately reply to The Verge’s request for comment.

Read original article here

Denial of responsibility! Verve Times is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If…