Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

question everything

(48,808 posts)
Tue Nov 23, 2021, 05:28 PM Nov 2021

Hackers Circle as Individual Investors Pour Cash Into Crypto

(snip)

Criminals have a history of stealing money from wealthy or well-known crypto investors through SIM swaps, or switching a phone number from one device’s subscriber identity module to another. But the crypto boom among mom-and-pop investors has led hackers to increasingly circle targets like Ms. Maguina, according to cybersecurity experts, lawyers and law-enforcement officials.

The attacks on small investors have sparked legal battles with cellphone carriers, led customers to change plans and pushed some telecom companies to tweak security measures. Law-enforcement agencies are trying to team up across jurisdictions in response to a broadening pool of potential victims. The Federal Communications Commission is honing rules for wireless carriers aimed at limiting SIM-swap fraud, proposing tighter restrictions on how they switch numbers between devices and carriers.

Some wireless companies say federal rules could make matters worse for consumers AT&T Inc. on Monday said the agency’s proposed regulations could give hackers a blueprint for attacks and add friction for legitimate customers who need to switch devices or carriers. AT&T said customers make hundreds of thousands of such requests a month. A fraction of 1% of them—potentially totaling thousands—are fraudulent, the company said. The company warned against some measures floated by the FCC, such as notifications to phone users of SIM-swap requests and potential 24-hour delays to execute them. Customers conduct SIM swaps when they take their numbers to new phones, while the related act of “porting out” switches numbers to different carriers. Hackers can impersonate phone users with various types of account information or personal data, said Kevin Lee, lead author of a 2020 Princeton University study on SIM swaps.

(snip)

AT&T told the FCC that it uses data-analytics tools to gauge the risk of postpaid customers’ SIM-swap requests. A spokesman for Verizon said it requires postpaid customers to use a one-time passcode when attempting to switch to another carrier. T-Mobile allows customers requesting SIM swaps by phone to use their account PIN, a one-time passcode or two-factor authentication, a representative said. The firm discontinued the use of logs showing recent incoming or outgoing call numbers in its authentication process following the Princeton study. US Mobile, an upstart New York-based carrier with about 150,000 customers, has prohibited SIM swaps by phone and directs customers to its app, where it can vet their internet-protocol addresses and biometric data, Chief Executive Ahmed Khattak said.

(snip)

Amid mounting complaints, the FCC in September proposed regulations mandating wireless companies verify users’ passwords or send one-time passcodes. The rules would also require companies to tighten procedures for changing lost or stolen passwords, and restrict what data employees could divulge by phone or in stores. An official for the FCC, which warns that consumer data breaches can give fraudsters information they need for SIM swaps, said the rule making could take several months.

More..

https://www.wsj.com/articles/hackers-circle-as-individual-investors-pour-cash-into-crypto-11637499603 (subscription)

=====

I just post the story. I have no idea what it is about..

1 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
Hackers Circle as Individual Investors Pour Cash Into Crypto (Original Post) question everything Nov 2021 OP
I don't think one needs to be an expert (and I most certainly am not) to expect this... hlthe2b Nov 2021 #1

hlthe2b

(106,359 posts)
1. I don't think one needs to be an expert (and I most certainly am not) to expect this...
Tue Nov 23, 2021, 05:32 PM
Nov 2021

Gee. Whoda thunk that hacking a totally computerized system of digital-only monetary valuation, trading, transferring, accounting would be a problem...

Latest Discussions»Culture Forums»Personal Finance and Investing»Hackers Circle as Individ...