Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsMobile handsets2 factor authentication and mobile security issues in NZ
SunTiger

25 posts

Geek


#199135 5-Aug-2016 18:24
Send private message

Recently there has been some talk regarding people getting their email accounts hacked even though they are using 2FA. This was achieved by the attacker impersonating the victim by calling the victim's mobile provider and getting a replacement sim sent to the attacker, giving the attacker access to the victim's phone (and therefore access to their 2FA).

 

It has been recommended that we get a second (cheap) cellphone with a seperate sim card not linked to our identity to avoid this - does anyone have any experience with this, is it necessary or excessive?

 

By the way I've tried searching for this topic already using the Search function but the search function doesn't seem to be working (see screenshot), cheers

 

 

 

Click to see full size

Create new topic
RunningMan
9184 posts

Uber Geek
+1 received by user: 4834


  #1605158 5-Aug-2016 18:26
Send private message

Turn your adblocker off. Search will then work.



richms
29098 posts

Uber Geek
+1 received by user: 10208

Trusted
Lifetime subscriber

  #1605162 5-Aug-2016 18:38
Send private message

I have a seperate phone for 2 factor now. Friend had a work phone ported to some other sim card. Telco didnt seem to care and just put it back on the right sim card. All you need to port to a prepay sim is the number and account number when I last did it, 2 things people do not really keep that closely guarded.




Richard rich.ms

freitasm
BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #1605164 5-Aug-2016 18:44
Send private message

I personally try to use an authenticator app - Authy is good as it syncs between platforms (mobile and desktop). LastPass is offering this now as well. 

 

For those few services that want to use a mobile for authentication I try using a non-NZ number I have (Google Voice) where possible.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 



Sam91
620 posts

Ultimate Geek
+1 received by user: 183


  #1605177 5-Aug-2016 19:03
Send private message

Are you referring to what's happening in the Youtube community? Popular Youtube Channels are being hacked using this method.

Example:

richms
29098 posts

Uber Geek
+1 received by user: 10208

Trusted
Lifetime subscriber

  #1605178 5-Aug-2016 19:08
Send private message

Yes, Telcos do not take security seriously so any prick can bluff their way into getting a sim swap or else you can just do a port to 2degrees with only the phone num and account number for on account, or phone and sim number for prepaid.

 

I used to have a spreadsheet of sims to keep track of when I need to top each one up to keep it alive, stopped that since its all that is needed to steal the numbers.




Richard rich.ms

Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright