Detecting A SIM Swapping Attack

It appears that the perpetrator of the SIM swap abused not only internal knowledge of T-Mobile’s systems, but also a lax password reset process at Instagram. The social network allows users to enable notifications on their mobile phone when password resets or other changes are requested on the account.

This article by KrebsOnSecurity is a really good perspective on what a SIM swap attack looks like from a victim’s standpoint:

This is recommended reading.

But this isn’t exactly two-factor authentication because it also lets users reset their passwords via their mobile account by requesting a password reset link to be sent to their mobile device. Thus, if someone is in control of your mobile phone account, they can reset your Instagram password (and probably a bunch of other types of accounts).
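The argument above can be checked mechanically. This is an added example, not code from the article or from any service it mentions: it models each account as login paths plus recovery rules, then computes which accounts fall to someone who controls only the phone number. The account names, factor names and policies are constructed for illustration.

```python
"""Which accounts fall to someone who controls only the phone number?"""

# A rule is (factor_gained, factors_required). All data below is constructed.
SMS = [("sms_code", {"phone_number"}), ("sms_reset_link", {"phone_number"})]
EMAIL = [("email_reset_link", {"email_inbox"})]

ACCOUNTS = {
    # SMS is both the second factor and a password reset channel.
    "sms_2fa_sms_reset": {
        "login_paths": [{"password", "sms_code"}],
        "rules": SMS + [("password", {"sms_reset_link"})],
    },
    # SMS second factor, password reset by e-mail only.
    "sms_2fa_email_reset": {
        "login_paths": [{"password", "sms_code"}],
        "rules": SMS + EMAIL + [("password", {"email_reset_link"})],
    },
    # Same, but the e-mail inbox itself can be recovered by SMS.
    "sms_2fa_email_chained": {
        "login_paths": [{"password", "sms_code"}],
        "rules": SMS + EMAIL + [("password", {"email_reset_link"}),
                                ("email_inbox", {"sms_reset_link"})],
    },
    # App-based code as second factor; SMS can reset only the password.
    "totp_sms_reset": {
        "login_paths": [{"password", "totp_code"}],
        "rules": SMS + [("password", {"sms_reset_link"})],
    },
}

def reachable(start, rules):
    """Fixed point: keep applying rules until no new factor is gained."""
    have, changed = set(start), True
    while changed:
        changed = False
        for gained, needed in rules:
            if gained not in have and needed <= have:
                have.add(gained)
                changed = True
    return have

def exposed_accounts(accounts, controlled):
    """Names of accounts where some login path is fully satisfied."""
    return sorted(
        name for name, acct in accounts.items()
        if any(path <= reachable(controlled, acct["rules"])
               for path in acct["login_paths"])
    )

if __name__ == "__main__":
    print(exposed_accounts(ACCOUNTS, {"phone_number"}))
```

Any account listed in the result has effectively one factor, the phone number, regardless of how many steps its login screen shows.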
