Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
AT&T Communications Security

AT&T Now Lets Customers Lock Down Account To Prevent SIM Swapping Attacks (theverge.com) 6

Posted by msmash from the moving-forward dept.
AT&T has launched a new Account Lock feature designed to protect customers from SIM swapping attacks. The security tool, available through the myAT&T app, prevents unauthorized changes to customer accounts including phone number transfers, SIM card changes, billing information updates, device upgrades, and modifications to authorized users.

SIM swapping attacks occur when criminals obtain a victim's phone number through social engineering techniques, then intercept messages and calls to access two-factor authentication codes for sensitive accounts. The attacks have become increasingly common in recent years. AT&T began gradually rolling out Account Lock earlier this year, joining T-Mobile, Verizon, and Google Fi, which already offer similar fraud prevention features.

AT&T Now Lets Customers Lock Down Account To Prevent SIM Swapping Attacks More | Reply

AT&T Now Lets Customers Lock Down Account To Prevent SIM Swapping Attacks

Comments Filter:

  • SIM swapping attacks occur when criminals obtain a victim's phone number through social engineering techniques, then intercept messages and calls to access two-factor authentication codes for sensitive accounts

    The missing step is, after obtaining your phone number, they attempt to transfer (port) your number to a new SIM which they control. Once the port is complete, they can then intercept SMS messages and use them to break in to your accounts. This is an important detail because the text makes it sound like they can snoop on your texts while you still have the use of your phone.

    Protecting against unauthorized ports has been a thing for some time now, including at AT&T. Everyone should lock their SIM with th

    • Re: (Score:2)

      by PPH ( 736903 )

      when criminals obtain a victim's phone number through social engineering techniques

      Like every f*cking business demands that I put my phone number on checks, on-line forms and every other thing before they will do business with me.
      Just use a credit card or phone pay, you say? They already have your phone number attached to your account and will hand it over to every merchant (or person claiming to be one) that asks.

      My trick: The phone number I give out is a land line. Have fun uploading your crappy app to a Western Electric Model 2500. My cell phone does nothing but make voice phone call

      • Yep, I have a VOIP line for the exact same reason.

        Unfortunately, there are some businesses you really need to give your cell number. It's not possible to keep it completely secret. So locking your account against porting is still a very, very good idea.

        • I did this so long ago I forget when I did it. I'd encourage the port lock as well. Along with locking your credit. Setting up a PIN with the IRS too. My biggest concern is that my carrier will roll over for someone who asks nice enough. I will never forget when a very non-techie friend got access to her go daddy account. She had forgotten her password, she no longer had the credit card she setup the account with, and did not know its number. Essentially every check they asked for to confirm it was her, she
  • myAT&T app runs on Android and iOS devices. Can anyone here see a potential problem.

Slashdot Top Deals

All Finagle Laws may be bypassed by learning the simple art of doing without thinking.

Close