Companies embracing SMS for account logins should be blamed for SIM-swap attacks – Key Discussions
SIM-swap attacks continue year after year because companies (that know better) leaned into the awful idea of using SMS for password resets and account logins. These companies include Apple, Dropbox, PayPal, Block, Google, and many others.
What is a SIM-swap attack? It’s where a bad guy asks a carrier to port your cell-phone number to their phone. (Carriers are required to port your number easily because of pro-competition laws in the US.) Then, the crook triggers and receives account login info ...
Read more at keydiscussions.com