Now that its CEO’s account has been hacked, Twitter is taking steps to protect user accounts from similar attacks. Twitter CEO **Jack Dorsey's account was compromised last month** when unknown hackers replicated a phone number associated with the account and started tweeting from it via SMS. Via a tweet, Twitter has confirmed that the tweet via SMS functionality has been disabled and that the company is exploring options for delinking phone numbers from two-step authentication needed for secure access to accounts. The company also blames mobile carriers for not taking steps to prevent such fraud from happening.

Twitter CEO Jack Dorsey. Image: Reuters

SIM swap fraud is a very simple exploit involving phishing and social engineering. A fraudster need only acquire enough personal information on a user to convince a mobile carrier that the victim’s phone was stolen or the SIM lost. Carriers, after a minimum of verification, issue a new SIM with the victim’s number. Fraudsters can use this SIM to access a target user’s OTP codes from banks and personal accounts, and in Dorsey’s case, his Twitter account.