News

Google Expert Discourages the Use of SMS-based 2FA for Securing Accounts

Mark Risher, Google’s head of account security on January 25 pointed out that a user’s account with two-step verification is susceptible to attack. According to Risher, cryptocurrencies are the major focus for hackers who use SIM swapping to take advantage of this vulnerability.

SIM Swapping Attack Has Been on the Rise Over the Past Year

Based on a media outlet’s report, Mark Risher, an executive whose role at Google is overseeing to email fraud, abuse, and identity issues, has cautioned people on the use of two-step verification. The executive said for the past year, SIM swap attack has been on the rise. Also, it has led to the loss of cryptocurrencies due to low transaction fees, the anonymity of transactions, and the ease at which money can be moved around.
SIM swapping is a method used by hackers to hijack a person’s phone number that is linked to their social media, exchange, or personal accounts. If such accounts are using the two-step verification, then the one-time password or pin will be forwarded to another number which the attacker is in control of. As such, they can gain access to the user’s account to steal cryptocurrencies.

Google’s Cryptographic Feature Discourages Spammers

On the other hand, Risher revealed that since the launch of Google’s cryptographic feature, Titan Keys, spam has been reduced. This feature links a user’s account to a particular device instead of the phone number. As a result, even if the number is changed or hijacked, the attacker will be unable to gain illegal access to accounts.
Risher also said:

There’s no code that sends over the airwaves, nothing is sent to the telcos. If your phone number has changed, we won’t even know as part of this flow, and if someone else has grabbed your phone number, they won’t have any higher credibility than a complete stranger.

Preventing SIM Swap Attack Using Google Authenticator App or Authy

Therefore, people have been advised to do away with the two-step authentication and adopt the Google Authenticator app or Authy. While either of these will prevent a SIM Swap attack, Risher has however adviced that users have a backup of QR codes that have been linked to the Authenticator app. As a result, there won’t be a permanent lockout on accounts if the device is changed.
BTCNN on January 20 reported that Michael Terpin, a victim of a SIM swap attack in January 2018, claimed to have lost over $23 million worth of cryptocurrencies. Terpin has filed charges against a suspect, Nicholas Truglia. AT & T, his mobile carrier has also been charged for allowing access to his phone number.

Related posts
cryptocurrencyDOGEdogecoinDOGEUSDElon MuskNews

More Than Just A ‘Joke Coin’: Elon Musk Reveals How He Feels About Dogecoin

For a long time, DOGE skeptics have wondered what Billionaire Elon Musk found promising about the meme-asset. And as if the Tesla CEO set out to answer their questions today, he disclosed in a very recent tweet, why he believes…
Bank of EnglandBitcoin NewsbtcusdBTCUSDCBTCUSDTcryptocurrencyCryptocurrency NewsNewsxbtusd

Bank of England Governor Andrew Bailey is Giving Crypto a Thumbs Down — Here’s Why

The Governor of the Bank of England, Andrew Bailey, at the World Economic Forum, Davos, Switzerland; on Thursday, passed a vote of no confidence on cryptocurrencies, stating that investors must get ready to suffer total investment losses eventually. “Bitcoin has no…
cryptocurrencyDOGEdogecoinDOGEUSDElon MuskNews

Be Careful! Elon Musk Warns As Dogecoin Soars On SNL Eve

In the warm-up to a special Saturday Night Live Edition featuring the self-acclaimed billionaire dogefather, Elon Musk, Dogecoin (DOGE) has recorded tremendous speculative success and is currently sprinting past the $0.6 mark in a bid to cross the $1 epic…