SIM-swapping - Over USD 100 million stolen in cryptocurrencies by hijacking phone numbers

Europol Press Release - 10 Feb 2021
Ten hackers arrested for string of SIM-swapping attacks against celebrities
https://www.europol.europa.eu/newsr...g-of-sim-swapping-attacks-against-celebrities

Read more there!

PS: I tried to search the board whether this was already posted, but I couldn't find it. But maybe I didn't search good enough.

 

https://www.europol.europa.eu/sites/default/files/images/editor/sim-swappingl.png

Another reason to prefer 2FA in authenticator apps or hardware over sms. Risk of that is if u drop ur phone and it shatters in pieces...

 

Two things:

1. You should have a cell provider that instantly sends texts, emails, etc... to every device/email registered on the account IF a SIM swap is requested. Some even are requiring a 24 hour gap without exception to honor a SIM swap request - even better of course! By default the operator's system WILL send the notices to all and the store operator CANNOT prevent those alerts from hitting every other device and email on account record. Rock solid on my provider!

2. There is no need to sweat dropping your phone and it explodes into dozens of pieces. It would suck of course, but if you understand TOTP you would have saved backups elsewhere. It takes a few seconds to backup all TOTP codes and you can then reinstall them in a new phone as quickly as taking a picture. U2F is physically robust, but again you should have multiple U2F chips setup on your accounts. Simply store one at home. If anything I am typing in the "2" idea here is beyond the reader they should not be using these two methods of authentication. Simply stop and learn how to maintain backup copies and save your self headaches. Its not if, but when on stuff like this.