#UK SMS BOMBER PASSWORD#
However, if you don't feel comfortable with SMS based 2FA given the nature of the data protected by an account, Opdenakker advises users “to look for an alternative service with better account security options.”Īnd there’s another important step you can take to avoid SIM swapping attacks, says Peck: “Make sure you speak to your mobile network provider and password protect your account, especially for phone calls, as this will at least reduce the likelihood of SIM swapping.” The final word
#UK SMS BOMBER SOFTWARE#
But there is another problem: “The reality is, a lot of websites don't offer a more secure 2FA option such as software tokens or even better, hardware security tokens,” says Opdenakker. Ideally, you should use something else as an extra method of authentication, such as a security key or app. Is it the most secure option? No, but it’s much better than just a username and password.” SMS for 2FA: What should you use instead? He says: “It’s another layer of defense that is still highly effective. Usually this is related to financial fraud, as opposed to just account take overs.”Īnd in fact, Peck says the benefits of having SMS 2FA over nothing are “massive.” Stuart Peck, director of cyber security strategy at ZeroDayLab agrees, saying: “This attack requires an adversary to be motivated, and the payoff has to be large enough to go to this much effort. He adds that in general the risk to the average user of accounts being compromised by mass attacks such as phishing or credential stuffing is “a lot higher.” SIM swapping is often easy to pull off by social engineering the telecom provider, but these are still targeted attacks, points out security professional John Opdenakker.
This is because it’s then a doddle for attackers to verify your account as they can simply use the text message to access your services.
Of course, if SIM swapping attacks can easily happen, there is a risk of using SMS for 2FA. If no alternative is available, SMS-based 2FA is still a better option than none.” SMS for 2FA: What’s the risk? He says: “Bitdefender highly encourages users to adopt two-factor authentication as an additional mechanism to prevent unauthorized logins.
Bogdan Botezatu, senior e-threat analyst at Bitdefender told me that the article was meant to raise awareness on the issues and challenges posed by SMS-based two-factor authentication and why users should consider replacing it with something else.
#UK SMS BOMBER FULL#
Bitdefender later clarified its tweet, which it seems was posted by its social media team without a full understanding of the issue or its implications.
0 kommentar(er)
