In July 2022, the European Union planned to force tech companies to police manipulative accounts and content on their platforms. And when it comes to protecting your mobile devices, there are other things you need to do.Since the dawn of facial biometric verification, fraudsters have been looking for ways to bypass it-from simple paper masks to sophisticated deepfake technology.ĭeepfakes have been on the rise for the last several years, leading countries to tackle the spread of AI-generated accounts.
It’s clearly a powerful weapon to stop cybercrime, but it’s not perfect. No one’s suggesting two-factor authentication is a problem. If someone truly loses their phone, or there’s no way to get confirmation one way or another, then the customer service representative would need to go to the next level of authentication, Cranor said.
(Some carriers offer this security option.) She suggests a security protocol that requires the phone company to text or call the phone of the registered owner before service is ported to another phone. The real Cranor was talking on her cellphone at the time, so if the store employee had simply called her, she could have stopped the scammer.Ĭranor told NBC News she believes there are ways wireless companies can balance increased security with a customer’s legitimate needs to change their phone service. At the time, she worked at the FTC and wrote about her experience.Īn ID thief walked into a wireless store, claimed to be Cranor, said she had lost her phone and needed service changed to a new device. Cranor was the victim of the port-out scam two years ago. Lorrie Cranor, a cybersecurity expert at Carnegie Mellon, believes better authentication procedures are needed before cellphone service can be switched. Once they had the new password, they logged in and transferred out all the money. The phone bandits opened a new mobile account with another company and then contacted T-Mobile to have the service switched.Īrmed with just his Wells Fargo user name - they didn’t have his password - the hackers requested a password change and just waited for the one-time authentication code to be texted to his phone number, which they now controlled. “And I couldn’t log in to my T-Mobile or my Wells Fargo accounts because my passwords had been changed.”īased on what he learned from the bank and the phone company, Kloeppner told NBC News what most likely happened. “I tried to call the bank from my cellphone and it said, ‘No service,’ so I'm kind of freaking out,” he said. Late one night, Kloeppner, who lives in Shoreview, Minn., saw an email on his smartphone that said he had just transferred $1,799 to another account - something he hadn’t done.
That’s how cybercrooks stole all the money in Jesse Kloeppner’s Wells Fargo bank accounts earlier this year.
0 kommentar(er)
