Hacker News Clone new | comments | show | ask | jobs | submit | github repologin
E-SIM SIM-Swapping Attack (www.youtube.com)
3 points by ijidak 1 hour ago | hide | past | web | 3 comments | favorite





Ok. So, this community has a lot of knowledge with respects problems like this.

What are your thoughts regarding how to protect ones self from this type of attack?

This is a bleeding edge problem. It goes after 2-factor auth, and it's likely to become more common.

reply


Do not use SMS or voice for MFA. These are weak MFA factors. Push notification auth to app only, requiring biometrics to approve. Secure hardware tokens are a gold standard, but rare.

If your bank or financial services provider leverages SMS/voice for MFA, they’re setting you up to fail. Switch providers, they’re dumping the liability on their customers.

https://2fa.directory/us/

(I own customer identity requirements at a fintech, thoughts and opinions my own)

reply


> What are your thoughts regarding how to protect ones self from this type of attack?

Never ever use SMS 2FA Auth or if you provide a login system, do not offer it as an option.

reply




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: