Account Security, Mobile and Social Engineering

T-Mobile customers were hit with SIM swapping attacks

Security Affairs

FEBRUARY 27, 2021

The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after it became aware that some of its customers were allegedly victims of SIM swap attacks.

Mobile

Mobile Data breaches Telecommunications Identity Theft

Busting SIM Swappers and SIM Swap Myths

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. In early July 2018, Ferri was traveling in Europe when he discovered his T-Mobile phone no longer had service.

Mobile

Mobile Cryptocurrency Accountability Passwords

Lamborghini Carjackers Lured by $243M Cyberheist

Krebs on Security

OCTOBER 9, 2024

19, a group of cybercriminals that allegedly included the couple’s son executed a sophisticated phone-based social engineering attack in which they stole $243 million worth of cryptocurrency from a victim in Washington, D.C. .’s son was loaded with cryptocurrency? Approximately one week earlier, on Aug.

Cryptocurrency

Cryptocurrency Social Engineering Accountability Mobile

Google and Apple Move to Strengthen User Protections

Security Boulevard

JULY 10, 2024

Google and Apple look to give users better protections against social engineering attacks like phishing, with Google giving high-risk users access to the APP service with a passkey and Apple educating users about the threats with a detailed support document in the wake of a recent smishing campaign.

Social Engineering

Social Engineering Education Engineering Phishing

Snapchat Password Cracking Tools: A Guide to Staying Safe

Hacker's King

DECEMBER 25, 2024

This is one of the most prevalent methods of account compromise. Social Engineering : Attackers manipulate victims into sharing personal information, such as passwords or answers to security questions. This adds an extra layer of protection by requiring a code to be sent to your mobile device during login attempts.

Passwords

Passwords Social Engineering Accountability Scams

Beyond Passwords: 2FA, U2F and Google Advanced Protection

Troy Hunt

NOVEMBER 14, 2018

For example, if you physically have someone's mobile phone in your hand and it's unlocked, you could login to an account by initiating a password reset, receiving the email in their email client then entering the "2nd factor" token sent via SMS or generated by a soft token app on the device. Google's implementation is just lovely.

Passwords

Passwords Authentication Accountability Mobile

Top 7 MFA Bypass Techniques and How to Defend Against Them

SecureWorld News

AUGUST 5, 2023

Multi-factor authentication (MFA) is a fundamental component of best practices for account security. It is a universal method employed for both personal and corporate user accounts globally. Take, for instance, Google's account security settings which allow you to download a list of backup codes intended for future use.

Social Engineering

Social Engineering Authentication Passwords Accountability

Nude photo theft offers lessons in selfie security

Malwarebytes

FEBRUARY 12, 2021

To gain access to the email accounts, he appears to have reset account passwords by correctly guessing password reset questions. He also used lists of compromised passwords to break into one account, and discussed social engineering tricks related to Snapchat. Defending yourself.

Identity Theft

Identity Theft Social Engineering Passwords Accountability

How to Detect and Respond to Account Misuse

Identity IQ

JULY 3, 2023

Receiving notifications or text messages for failed login attempts that you didn’t initiate could mean someone is trying to gain unauthorized access to your account. Unauthorized changes to account settings Another red flag that indicates account misuse is finding that your account settings have been changed without your knowledge.

Accountability

Accountability Identity Theft Passwords Social Engineering

Google Whistles While OAuth Burns — ‘MultiLogin’ 0-Day is 70+ Days Old

Security Boulevard

JANUARY 2, 2024

The post Google Whistles While OAuth Burns — ‘MultiLogin’ 0-Day is 70+ Days Old appeared first on Security Boulevard. What a Mickey Mouse operation: Infostealer scrotes having a field day with unpatched vulnerability.

Social Engineering

Social Engineering Accountability Account Security Data privacy

#Secure: Locking Down Your Social Media in Style

Approachable Cyber Threats

MARCH 24, 2023

This not only enables them to perform more effective social engineering, spear phishing, or other targeted attacks against you, but also those around you whose information they have also gleaned from your public profile. Activate these notifications to stay informed about your account security.

Media

Media Accountability Passwords Password Management

#Secure: Locking Down Your Social Media in Style

Approachable Cyber Threats

MARCH 24, 2023

This not only enables them to perform more effective social engineering, spear phishing, or other targeted attacks against you, but also those around you whose information they have also gleaned from your public profile. Activate these notifications to stay informed about your account security.

Media

Media Accountability Passwords Password Management

Gamers level up with rewards for better security

Malwarebytes

MAY 14, 2021

Did the attacker bypass text-based 2FA by social engineering the mobile provider? I’ve played quite a few MMORPGs where large store purchases are involved, yet there often seems to be a lack of additional security to help keep accounts secure in some titles. It could be a fairly straightforward phish.

Accountability

Accountability Authentication Passwords Social Engineering

How to Lose a Fortune with Just One Bad Click

Krebs on Security

DECEMBER 18, 2024

A scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to click “yes” to a Google prompt on his mobile device.

Cryptocurrency

Cryptocurrency Accountability Authentication Phishing

Cyber Security Informer

T-Mobile customers were hit with SIM swapping attacks

Busting SIM Swappers and SIM Swap Myths

Trending Sources

Lamborghini Carjackers Lured by $243M Cyberheist

Google and Apple Move to Strengthen User Protections

Snapchat Password Cracking Tools: A Guide to Staying Safe

Beyond Passwords: 2FA, U2F and Google Advanced Protection

Top 7 MFA Bypass Techniques and How to Defend Against Them

Nude photo theft offers lessons in selfie security

How to Detect and Respond to Account Misuse

Google Whistles While OAuth Burns — ‘MultiLogin’ 0-Day is 70+ Days Old

#Secure: Locking Down Your Social Media in Style

#Secure: Locking Down Your Social Media in Style

Gamers level up with rewards for better security

How to Lose a Fortune with Just One Bad Click

Stay Connected