Results 1 to 9 of 9

Thread: Social engineering cellphone attacks

  1. #1
    Junior Member
    Join Date
    May 2018
    Posts
    1

    Social engineering cellphone attacks

    Hello everyone - first post here, thank you in advance for your feedback.

    I have heard about social engineering attacks where someone goes into a wireless store, impersonates me, and gets a new SIM on my account. And another type where they call the call center of my cell provider and get a new phone issued on my account.

    Once they have these, they can do things like reset my email password and complete two factor authentication using the SMS codes sent to my phone, basically to steal my identity.

    I would love to hear about the best ways to protect myself against these attacks.

    Thanks so much!

  2. #2
    Junior Member TerryLewis's Avatar
    Join Date
    Dec 2018
    Posts
    3
    Hello Heretolearn,

    It's now a common topic for discussions in the IT and social engineering world. There's a great intro to mobile-based attacks as a part of the course Ethical Hacking: Social Engineering by the cybersecurity expert Lisa Bock. Seems to me, I've seen it on LinkedIn.

    Best,
    Terry

  3. #3
    Junior Member TerryLewis's Avatar
    Join Date
    Dec 2018
    Posts
    3

    It's now a common topic for discussions in the IT and social engineering world. There's a great intro to mobile-based attacks as a part of the course Ethical Hacking: Social Engineering by the cybersecurity expert Lisa Bock. Seems to me, I've seen it on LinkedIn.
    Here's the article I mentioned above - https://www.linkedin.com/learning/et...-based-attacks

  4. #4
    Administrator Steve R Jones's Avatar
    Join Date
    Apr 2011
    Location
    USA
    Posts
    390
    My phone account is with Verizon... A person would have to know my account LogIn Information to get the whole scam started.....

    So I wouldn't worry about it...

    If they are good enough to impersonate me - then so be it. OR, I guess I could change my account all the time.

  5. #5
    Junior Member
    Join Date
    May 2004
    Posts
    13
    Quote Originally Posted by Heretolearn View Post
    Hello everyone - first post here, thank you in advance for your feedback.

    I have heard about social engineering attacks where someone goes into a wireless store, impersonates me, and gets a new SIM on my account. And another type where they call the call center of my cell provider and get a new phone issued on my account.

    Once they have these, they can do things like reset my email password and complete two factor authentication using the SMS codes sent to my phone, basically to steal my identity.

    I would love to hear about the best ways to protect myself against these attacks.

    Thanks so much!
    No one should be able to do this, but if someone walks in into a wireless store claiming to be someone they're not, and provides a level of personal details known about their victim, there are bigger issues to be addressed. Such as the security practices (of lack thereof) of the business involved. Most cellular providers I am aware of will ask for identification, such as a drivers license to ensure the person is who they say they are. This essentially mitigates the issue of impersonation.

    The other scenario described involving a perpetrator calling into a call-center, claiming to be someone else is a more plausible scenario. In fact, this scenario is more likely to occur as there is no means of providing a driver license for visible confirmation. However with businesses that operate in this nature there is usually some bit of information only known to the person that is used to validate their identity of the user. Often a social security number is used or some other confidential bit of information. Of course, if someone knows everything there is about someone else, there's not much to prevent someone from being impersonated unless a code word or password is used to validate the identity of the caller, and there are some organizations that do this.

    Not being familiar with cellular providers outside the U.S. and how they operate, perhaps these scenarios do occur, but here in the states it's practically impossible...

  6. #6
    Junior Member
    Join Date
    Oct 2020
    Posts
    6
    I think what you need to do is find a good security software and protect your phone from malware. You can do this either with software or with an antivirus program. Nowadays, unfortunately, attempts to use this type of mobile phone are very common.

  7. #7
    Junior Member
    Join Date
    Jan 2021
    Location
    Mumbai
    Posts
    4
    Thats the reason Using I use iphone it has the best security. While Android phones can be hacked easily

  8. #8
    Super Moderator rlirpa's Avatar
    Join Date
    Feb 2014
    Location
    MD, US
    Posts
    464
    Last edited by rlirpa; January 25th, 2021 at 05:21 PM.
    Rad

  9. #9
    Junior Member
    Join Date
    Oct 2021
    Posts
    15
    I believe android phones are more open sources so it's more customizable while IOS is more user-friendly. In terms of security, I believe any technologies are prone to vulnerabilities

Similar Threads

  1. Classic Social Engineering Attacks
    By Striek in forum The Security Tutorials Forum
    Replies: 10
    Last Post: December 16th, 2003, 09:30 PM
  2. Social Engineering
    By whizkid2300 in forum The Security Tutorials Forum
    Replies: 12
    Last Post: August 26th, 2003, 10:22 PM
  3. Social Engineering
    By souleman in forum AntiOnline's General Chit Chat
    Replies: 30
    Last Post: March 21st, 2002, 09:33 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •