Thread: Security Threats/Solutions Relevant to Our Hobby in 2021: Sim Swapping and 2FA
View Single Post
  #1  
Old 02-13-2021, 03:22 PM
Santo10Fan's Avatar
Santo10Fan Santo10Fan is offline
Ben
ben tay/lor
 
Join Date: Sep 2017
Location: Chicago
Posts: 680
Default Security Threats/Solutions Relevant to Our Hobby in 2021: Sim Swapping and 2FA
During the past decade, our mobile phone numbers have become a de facto ID number thanks to two-factor authentication (2FA), and the consensus among security experts is clear: this is bad. There are a multitude of ways thieves can exploit this vulnerability. One of the most serious threats to emerge in the 20s is sim swapping.

A thief will assume your identity during a call or visit a mobile service provider (e.g. Verizon, AT&T) and take control of your account, thereby nullifying 2FA based on your phone number. Once this is done, your phone will be cut off from the cellular network-along with your ability to make any phone calls. Depending on the thief's intentions or level of skill, your entire online persona could be nicked while you scramble to regain access.

Moving forward into the new decade I want to encourage Net54ers to begin thinking differently about two-factor authentication. If you have never used it via your mobile number, fear not-it actually may be a good thing. The phone method will be obsolete in the very near future because it could cost mobile providers millions of dollars in court.

Authy app is my go-to for 2FA. It ties the 2FA to your actual device, not your phone number. Even if a thief gained control of your number, they would not have access to the Authy app on your device. This will be the standard for online security in the 20s. 2FA on everything financial, with the 2FA tied directly to your device.

Paypal accounts have the option for Authy and I strongly recommend all Net54 Paypal users enable that option (then delete 2FA tied to your phone number if enabled). Unfortunately, we are all wide open to sim swapping on eBay. Make sure you only have credit cards only, not debit or ACH, linked in checkout on ebay.

The paypal process is as follows:
1. Download authy from your app store
2. Login to paypal
3. Select the gear icon/then security
4. Select 2-step
5. Select "authenticator app" and follow the instructions

https://authy.com/
https://www.wired.com/story/sim-swap...-defend-phone/
https://arstechnica.com/information-...ch-and-famous/
https://www.paypal.com/us/smarthelp/...e-user-faq3500
__________________
BZT
Reply With Quote