$38,000… GONE while he was sleeping.

That’s how fast SIM-swapping can destroy your financial life.

In just 3 hours, a hacker took over Justin Chan’s phone number, intercepted his two-factor codes, and emptied his bank and trading accounts. No alarms. No notifications. Just silent access and drained funds.

It didn’t happen because he was careless.
It happened because the attacker exploited a broken system:

- His mobile carrier transferred his number to a new device without proper checks
- His 2FA codes were sent to that new device
- His bank and investment apps trusted that number

This is the $38,000 mistake most people never see coming. Because by the time you realize something is wrong — it’s already too late.

The worst part? Getting the money back was harder than the hack itself.
It took media pressure, endless follow-ups, and months of stress just to get refunded.

Mobile numbers are the new master key — and most people are handing them out unlocked.

If your 2FA is tied to your phone number, it's time to change that.
If your carrier doesn’t lock down your SIM by default, it’s time to upgrade.
And if your bank’s idea of protection is a form letter and a closed case, don’t wait for a wake-up call at 3AM.

THiS is why*NOTHING* should rely on #SMS for #2FA but only #PGP-Pubkeys instead!

• #SimSwapping is way too easy to pull off to consider #PII like #PhoneNumbers as "secure"...

Übertragung auf eSIM: Kriminelle kapern fremde Rufnummern per QR-Code - Golem.de
https://glm.io/183231?n #Cybercrime #eSIM #QRCode #SIMSwapping

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider
https://krebsonsecurity.com/2024/01/fla-man-charged-in-sim-swapping-spree-is-key-suspect-in-hacker-groups-oktapus-scattered-spider/ #SIMSwapping #florida #hacking #breach #grails

SIM-swapping ring stole $400M in crypto from a US company, officials allege - Enlarge (credit: Wong Yu Liang | Moment)

The US may have uncov... - https://arstechnica.com/?p=1999957 #cryptocurrencywallets #cryptocurrencyscheme #mobiledevicesecurity #cryptocurrencyscam #cryptocurrency #identitytheft #devicefraud #simswapping #wirefraud #simswap #policy

Don't let SIM swapping happen to you!

SEC says its Twitter account was the victim of a SIM Swap attack - Desk Chair Analysts

https://dcanalysts.net/sec-says-its-twitter-account-was-the-victim-of-a-sim-swap-attack/

The FCC says new rules will curb SIM swapping. I’m pessimistic - Enlarge (credit: Getty Images | Panuwat Sikham)

After years of... - https://arstechnica.com/?p=1985061 #federalcommunictionscommission #simswapping #security #portout #biz⁢ #fraud #fcc

Psycho Bunny To The Rescue

After gaining control of her phone, hackers ripped off Avery Hartmans for $10,000.

Even worse, her credit card company didn’t believe the charges were fraudulent. Three weeks shy of her wedding, she was saddled with $9,778.24 in debt.

This interactive retelling of her ordeal is an awesome way to introduce people to the reality of organized crime attacking ordinary consumers through SIM swapping and physical theft of credit cards.

You don’t have to be “somebody special” to wind up on the receiving end of digital fraud.

And half of all victims of identity theft wind up being victimized again.

This is a great read, and the interactive pieces make the story more engaging.

https://www.businessinsider.com/credit-card-phone-theft-sim-swap-identity-theft-investigation-2023-4

#InfoSec
#SIMSwapping
#PsychoBunny

Twitter permanently suspended journalist who interviewed Matt Walsh’s hacker - Enlarge

This week, The Daily Wire podcast host Matt Walsh got... - https://arstechnica.com/?p=1933486 #firstamendment #simswapping #twitter #policy #hacker

Psycho Bunny To The Rescue

After gaining control of her phone, hackers ripped off Avery Hartmans for $10,000.

Even worse, her credit card company didn’t believe the charges were fraudulent. Three weeks shy of her wedding, she was saddled with $9,778.24 in debt.

This interactive retelling of her ordeal is an awesome way to introduce people to the reality of organized crime attacking ordinary consumers through SIM swapping and physical theft of credit cards.

You don’t have to be “somebody special” to wind up on the receiving end of digital fraud.

And half of all victims of identity theft wind up being victimized again.

This is a great read, and the interactive pieces make the story more engaging.

https://www.businessinsider.com/credit-card-phone-theft-sim-swap-identity-theft-investigation-2023-4

#InfoSec
#SIMSwapping

> 400M Twitter accounts data is on sale, among which the most critical are username, mobile numbers & email. Hacker was able to provide a sample list of 1000 usernames, and our founder Haseeb Awan was able to verify many of them.

There are some serious concerns with the #databreach

1 - Identities of many pseudo accounts will be public
2 - With a phone number, it's super easy to find anyone's address and banking information.
3 - Multiple phishing attempts via cellphone, physical, or email
4 - #simswapping attacks to take over your bank account, social media, or confidential information

Preventative tips:

1 - Ensure that your MFA/non-sms 2FA is turned ON for every account that you use via #Authy #GoogleAuthenticator
2 - Switch to @Efani (irrespective of biasness, we have a 100% track record of securing your phone number, and no one provided any insurance)
3 - Use a #passwordmanager. Keeper Security Enterprise password Manager is ideal, but #DYOR.
4 - Call your bank and tell them to put a limit on withdrawals above
5 - Use a hardware wallet. #NGRAVE which is ideal, but #DYOR.
6 - Get Optery, getagency.com, or BLACK CLOAK for digital security