Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Cyber Attacks
  • Your Cell Phone and Your Identity: Keeping Your PII Safe
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

Your Cell Phone and Your Identity: Keeping Your PII Safe

4 years ago Lamar Bailey
Your Cell Phone and Your Identity: Keeping Your PII Safe

Have you considered how often your phone number has been shared? Most of us give out our cell phone numbers all the time – to friends, acquaintances, colleagues, and even big, monolithic, impersonal companies. We may even print them on business cards or list them on public forums.

A cell phone is no longer just a way to contact someone to engage in conversation. It is now the quickest way to reach a large portion of the world’s population, and it is used for much more than voice conversations. Think about all the uses of a typical smart phone:

  • Text and other instant messaging,
  • Social media,
  • Photo and video creation and storage,
  • Location services,
  • Games, and
  • Many other modern conveniences.

These devices have ingrained themselves into our culture, seemingly anatomically connected to the human hand. For many people, a check of their screen time statistics is often a sobering experience. In some cases, many have contemplated ways to break up with their phone. 

Mobile Devices and Personally Identifiable Information (PII)

It is true that the phone has made our lives easier, but it has also raised our vulnerability to cybercrime. When we consider the information that we can learn from a phone number, it is easy to accept that a phone number has been classified among the other data that comprises Personally Identifiable Information (PII). This makes a phone number a target for bad actors.

One way that we make ourselves vulnerable is by listing an item for sale or requesting to buy an item from an online marketplace.Oftentimes, many of the respondents will request your cell phone number so you can communicate further about the item. At first, this seems innocent enough; using the selling sites’ messaging programs can be a bit cumbersome. However, in some cases, once you respond with your number, you will never hear from the interested party again because that is all they were after. Since the criminal now has a verified phone number, they can use the phone number to do everything from spoofing calls and texts to more sinister crimes such as account takeover attempts. The number can also be added to a list that is then sold to other cybercriminals.

Cell phone numbers and email addresses have become the fundamental forms of ID for the online world. Even though its use has been deprecated due to weaknesses in the SS7 routing protocol, it is still the primary method for two-factor authentication (2FA) for everything including your IoT thermostat, work VPN, work applications, and even your banking site. At one time, Twitter also required the use of a phone number for its 2FA mechanism, and its eventual removal of that requirement was celebrated within the security community.

Most sites support 2FA in its many forms, and you can check the 2fa.directory. It not only shows the site’s 2FA status but also includes a link to each specific site’s 2FA setup instructions.

There is very little security in place to secure your phone number, so an attacker can initiate a “SIM swap” to impersonate your phone. The attacker can then intercept any two-factor authentication codes and password reset links, allowing them to possibly gain access to your online accounts.

Protecting Yourself and Your Information

Phone-based attacks are not new, but they have become much more prevalent. These attempts can impact you at a personal or business level if your phone receives texts to validate your identity.

Some suggestions to protect yourself include:

  • If you have the option, do not use text messaging as a 2FA method. Use a 2FA app such as Duo or Google Authenticator as your 2FA choice. 
  • If you cannot use an authentication application, consider getting a separate phone number that you only use for authentication purposes. Many phones will accept multiple SIMs, allowing you to have two numbers mapped to your phone.
  • Set up a Google Voice number for your 2FA notifications. This will mask your true phone number. 
  • Most of the cell providers offer the ability “lock” your number by adding a PIN code to your account. Once a lock is set up for a number, that number cannot be transferred or “ported” to another line or carrier unless the PIN is provided.

Unless absolutely necessary, do not use your real phone number when filling in online forms. Use the “Hollywood” version of a number, that is, one that begins with 555. This is the way the television and movie industry does it so that the owner of the phone number is not harassed by curious callers.

Your phone communicates in so many different ways, it is no wonder that it is susceptible to attack, offering so much information in such a small package. Protect your cell phone number as you would any other piece of PII, as it is tied to your overall identity more than you might realize.

The post ” Your Cell Phone and Your Identity: Keeping Your PII Safe” appeared first on TripWire

Source:TripWire – Lamar Bailey

Tags: Google, Goverment, Sim, TripWire

Continue Reading

Previous New Argo CD Bug Could Let Hackers Steal Secret Info from Kubernetes Apps
Next User Created Content with Tripwire Configuration Manager

More Stories

  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists

5 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery

1 day ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk

1 day ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities

1 day ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach

How Samsung Knox Helps Stop Your Network Security Breach

1 day ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

1 day ago [email protected] (The Hacker News)

Recent Posts

  • German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists
  • China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery
  • CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk
  • Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities
  • How Samsung Knox Helps Stop Your Network Security Breach

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT