Jul 27 2022
Telstra has announced they will be extending their two-step verification process to include multiple interactions, by the end of this month. The move is to improve security for customers accessing their Telstra accounts, after an increase in “SIM swap” attacks.
Telstra will join Optus, which implemented its multi-factor identification process on June 27. Vodafone has not yet released details of its multi-factor process or release date yet, however, is expected to roll out shortly.
What is a SIM Swap attack?
A SIM swap attack, also known as SIM splitting or SIM hijacking, is a type of account takeover fraud. Cybercriminals are gathering information that is widely available on individuals vis social media and other channels, then using that to then target a person’s mobile number. The attacker then deceives the service provider (eg. Telstra representative) into porting the number to an alternative SIM card, owned by the attacker (usually by saying it was lost/stolen).
Once the attacker has access to the number, they will then receive the target’s text messages and phone calls. Using these text messages, they will then utilise standard two-step verification codes via text. They can then access bank accounts, online shopping accounts, credit cards, social media accounts and more.
Types of verification:
Expanding on the standard one-time code to SMS verification, service providers have now extended these to include biometrics (face and fingerprint ID), a PIN number, or a one-time verification code sent to phone or email. Some service providers may also encourage the use of an Authenticator app, which resets an access code, every thirty seconds.
Can you disable it:
Like all security systems in place, there will be work-arounds to using these multi-factor verifications. However, if you just read the above, it is unlikely you will want to. It is strongly advised that you do not disable these verifications, for your cyber security.
Cyber criminals and service providers are continually working towards their goals. Cybercriminals to find new ways to steal your data and use it for financial gain, and service providers to stop them. Utilising the security features made available to the consumer is important. And, if you do have any concerns for your cyber-safety, contact your IT Professional.
Like this article? Follow us on Facebook for access to blogs, information and more!
