How to Prevent Scammers from Bypassing 2FA
In early March, news broke that telecom giant T-Mobile fell victim to a hostile cyber-breach. Unfortunately, in the coming days, weeks, and months, many of the reported 400 T-Mobile customers whose data has been stolen will inevitably pay a high price for this security failure in the form of stress and financial hardship.
While the details of the T-Mobile cyber-breach remain a mystery, the playbook used by these cybercriminals to leverage this stolen data for their own financial gain is well-documented. Using the customer’s stolen PIN, cybercriminals could easily trick T-Mobile’s Customer Support Team into authorizing a SIM Swap, thereby diverting all text messages and calls to the cybercriminal’s phone.
With the newly compromised phone and the stolen customer data, the crook could easily pass through a Two-Factor SMS Verification process and gain entry into the victim’s online accounts. In fact, it only took a matter of minutes for the fraudster to drain a lifetime’s worth of savings.
Tech journalist Matthew Miller recounted his own harrowing experience of almost losing $25,000 after a cybercriminal “hijacked” his phone and attempted to purchase $25,000 worth of bitcoins from his family’s savings account. Luckily, the bank’s fraud department put a stop to the transaction.
In addition to stealing Miller’s money, the cybercriminal also deleted “decades of data” from his Google Drive and social media accounts. As a journalist who depends on his social media platform to share his work, it was a particularly devastating blow when the cybercriminal blocked over 6,000 people on his account and deleted all of his tweets.
Although economic data on SIM Swaps is scant, there is no doubt that the economic impact of fraud overall is immense. In 2020, the Federal Trade Commission reported that US consumers lost more than $3.3 billion to fraud. As e-commerce continues to grow, this number will likely rise.
Fortunately, banks and online businesses can now fortify their Two-Factor Verification process with the help of Prove’s Trust Score™.
Prove’s Trust Score™ is a real-time measure of a phone number’s reputation. By identifying phone numbers that have been associated with a SIM swap or other suspicious activity, Prove stops would-be scammers in their tracks and prevents them from bypassing the Two-Factor Verification process.
As cybercriminals grow more sophisticated, bolstering the Two-Factor Verification process is critical for both businesses and their consumers. Prove’s Trust Score™ does just that. If you’d like to Prove to help you, please share your details with us.
Get in touch
Keep reading
Read the article: Prove Launches Unified Authentication Solution with Passive, Persistent Customer RecognitionNew solution delivers measurable ROI by replacing SMS OTPs and mitigating SIM swap fraud – cutting costs, reducing abandonment, and enabling seamless customer experiences across channels.
Read the article: A Watershed Moment for Digital Banking: FDIC's New Stance on Pre-Filled Data Paves the Way for a Safer, Faster FutureIn this blog, we detail how the FDIC's new guidance, influenced by Prove's advocacy, allows banks to use pre-filled customer data for CIP. This change, empowering solutions like Prove Pre-fill®, significantly reduces friction, enhances security, and improves financial inclusion in digital banking by streamlining account opening and combating fraud.
Read the article: The Anatomy of a Systemic Failure: The U.S. Banking System as a Conduit for Transnational CrimeThe U.S. banking system is a conduit for transnational crime, with systemic failures in identity verification and a lack of oversight, enabling fraud and money laundering. Read Prove’s call to action for the financial industry.
