Cellphone Menace – Enter the Clones

Cellphone Menace – Enter the Clones

A long, long time ago in a galaxy far, far away, smartphones were free from viruses, phishing and hacking attacks, but fast forward about three years and things have really changed. Just a few years back, which is a long time ago in computer years, smartphone users rarely were concerned about losing their data. The biggest concern in the “olden” days was a broken screen.
Today we have a variety of issues smartphone users face and a whole host of fast evolving security measures designed to combat them. Be aware, your phone is under attack.
First, the no virus myth on a smartphones has been debunked. Smartphones do get viruses. Yes, even Apple phones. Enter the SIM card attack. What is a SIM card and why would you attack it? A SIM is a tiny plug-in chip that activates your phone. The simple explanation comes from Bing, “a smart card inside a mobile phone, carrying an identification number unique to the owner, storing personal data, and preventing operation if removed.”
SIM (Subscriber Identity Module) card swap attack. “A SIM swap attack happens when a bad actor has your SIM card information transferred from your phone onto theirs. Although this can happen if they have stolen your phone and removed the SIM card, more often this is done remotely,” according to Cryptopedia. Remotely meaning they send you a phishing message, you reply, they then have access to your SIM card. SIM ID theft only requires a simple copy and paste-like procedure once they have access.
This brings us to protecting your phone by not answering any personal questions from an email inquiry. That is phishing. Say your accountant sends you an email asking for your social security number. DO NOT REPLY. If it is a legitimate request, voice call the accountant and relay the information that way. DO NOT REPLY TO THEIR EMAIL.
Current security is Multi-Factor Authentication (MFA) that can add “extra account protection by requiring two or more credentials to log in,” according to the Federal Trade Commission (FTC). (Credentials are your username and password.) MFA requires two verifications of who you are. First are the regular credentials (username and password), then the web site sends a code that is entered during the login process. Others use biometric scans of your thumbprint or retina scans.
But wait, there is more. Already compromised are all the current modern security methods. It is a crazy Internet world. Enter 2FA authentication a two-factor authenticator that will protect you. Do you want to know more? Come back next issue for the Clone Wars sequel.