Are You Completely Safe with Multi-Factor Authentication (MFA)? — Part Two

Hieu Minh Ngo (Hieupc)
9 min readOct 18, 2020

“What’s Secure Today May Not Be Secure Tomorrow”- eff.org

Problems and Solutions

Based on my experiences in the past and present in hacking and security. These issues and solutions which you should be concerned about — that I want to focus on are around smartphones and its technologies.

Problems:

  • Hackers can manipulate you with a bit of social engineering and gather as much personal information on you to convince you to get the OTP code. The data in which the hacker can collect on you through phishing emails, malware, the dark web, or social media research becomes useful.
Figure 1. What hacker can do!
  • Hackers can impersonate you to call your mobile network operator (MNO) to do a SIM swap scam. The hacker calls your “MNO”, impersonating you and claiming to have lost or damaged their (your) SIM card. They then ask the customer service representative to activate a new SIM card in the fraudster’s possession. This ports your telephone number to the hacker’s device containing a different SIM. Or, they may claim that they need help switching to a new phone or need help to get a new SIM replacement. With your phone number on hands, they can do lots of damage like stealing your Facebook, Gmail, bank account or any possible online accounts.

--

--