How realistic is this threat? I would think that the employees would have to jum... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		kbolino 7 months ago \| parent \| context \| favorite \| on: Why are banks still getting authentication so wron... How realistic is this threat? I would think that the employees would have to jump through hoops that require you to be present (or at least a lot more of your info to be stolen than just your name and number) and that the home network would detect a duplicate E.164 number with conflicting IMEI/IMSI numbers and locations pretty quickly.

kbolino 7 months ago [–]

FWIW: https://en.wikipedia.org/wiki/SIM_swap_scam

This is more like confused deputy than collusion (though that can happen as well), but nevertheless the end result is somebody else ends up with your number, and your device gets deactivated.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact