Scattered Spider: New Cyber Attack Targets Telcos
CrowdStrike details a campaign that combines social engineering, smishing and remote code execution to infiltrate the systems of telcos, sometimes with the intention to perform SIM swaps.
Elon Musk Says Twitter Lost $60mn a Year Because 390 Telcos Used Bot Accounts to Pump A2P SMS
Twitter accounts were created solely to generate revenue for telcos from two-factor authentication SMS messages.
Telcos Were the First Targets of Recent Okta Phishing
Over 130 companies have been compromised by a series of attacks that built upon the data first obtained from telcos.
Is Flash Calling a Fraud?
Businesses like Whatsapp are intentionally using the A-number of calls that are not connected as a free mechanism for passing data to apps on a user’s phone.
Police Arrest Child Following $36mn Crypto SIM Swap
Canadian law generally prohibits the naming of offenders aged 17 or under.
Now You Can Buy Bots That Steal SMS OTPs
Crooks are selling software that automates social engineering. Bots call targets and ask for one-time passwords that are used to take control of bank, cryptocurrency and PayPal accounts.
All UK Mobile Operators Offer Anti-Fraud API That Confirms If Phone Numbers Belong to Users
The Number Verify product checks if a phone number submitted via a web form matches the number of the device being used.
¥27mn Stolen from NTT Docomo E-Money Accounts
Criminals made withdrawals from bank accounts linked to payment apps provided by Japan’s leading mobile operator and five other businesses.
Telco Staff Targeted by New Custom Spear Voice Phishing Attacks
Criminals phone staff as they work at home, then tell them to log on to phishing websites that look like corporate portals.
FBI Warns SIM Swapping Has Undermined Multi-Factor Authentication
The US Federal Bureau of Investigation wants businesses to consider using stronger authentication methods like biometrics.