Perspective from our CEO, Shahrokh Shahidzadeh
Shahrokh Shahidzadeh, the CEO of security firm Acceptto, believes that SIM swapping reflects a fundamental flaw in using two-factor authentication that relies on sending a pass code via an SMS message.
“While two-factor authentication is intended to give you a level of assurance that your accounts are only being accessed by yourself, note that they are insufficient,” Shahidzadeh tells ISMG. “In this case, the SMS messages are being used to validate a fraudulent use of your accounts but are defeated simply because the threat actor now virtually holds your phone and identity, hence most likely your emails and then all associated credentials for various services tied to your emails are also compromisable.”
Read the full article at Bank Info Securitywebsite.