How to Prevent Scammers from Bypassing 2FA

In early March, news broke that telecom giant T-Mobile fell victim to a hostile cyber-breach. Unfortunately, in the coming days, weeks, and months, many of the reported 400 T-Mobile customers whose data has been stolen will inevitably pay a high price for this security failure in the form of stress and financial hardship.

While the details of the T-Mobile cyber-breach remain a mystery, the playbook used by these cybercriminals to leverage this stolen data for their own financial gain is well-documented. Using the customer’s stolen PIN, cybercriminals could easily trick T-Mobile’s Customer Support Team into authorizing a SIM Swap, thereby diverting all text messages and calls to the cybercriminal’s phone.

With the newly compromised phone and the stolen customer data, the crook could easily pass through a Two-Factor SMS Verification process and gain entry into the victim’s online accounts. In fact, it only took a matter of minutes for the fraudster to drain a lifetime’s worth of savings.

Tech journalist Matthew Miller recounted his own harrowing experience of almost losing $25,000 after a cybercriminal “hijacked” his phone and attempted to purchase $25,000 worth of bitcoins from his family’s savings account. Luckily, the bank’s fraud department put a stop to the transaction.

In addition to stealing Miller’s money, the cybercriminal also deleted “decades of data” from his Google Drive and social media accounts. As a journalist who depends on his social media platform to share his work, it was a particularly devastating blow when the cybercriminal blocked over 6,000 people on his account and deleted all of his tweets. 

Although economic data on SIM Swaps is scant, there is no doubt that the economic impact of fraud overall is immense. In 2020, the Federal Trade Commission reported that US consumers lost more than $3.3 billion to fraud. As e-commerce continues to grow, this number will likely rise.

Fortunately, banks and online businesses can now fortify their Two-Factor Verification process with the help of Prove’s Trust Score™.

Prove’s Trust Score™ is a real-time measure of a phone number’s reputation. By identifying phone numbers that have been associated with a SIM swap or other suspicious activity, Prove stops would-be scammers in their tracks and prevents them from bypassing the Two-Factor Verification process. 

As cybercriminals grow more sophisticated, bolstering the Two-Factor Verification process is critical for both businesses and their consumers. Prove’s Trust Score™ does just that. If you’d like to Prove to help you, please share your details with us.

Get in touch

‍