BROADCASTS.com

b"

hello everyone my name is vijay kumar Devireddy and i am glad to have you back on my episode 22 today we are discussing about SIM cloning and ID theft.If you've gone and bought a new cell phone recently,you've gone to the store, they've pulled out a little chip our of your phone and placed it into your new phone.What is that chip? Well, that's a SIM card.It's stands for subscriber identity module.This is an integrated circuit that securely stores the international mobile subscriber identity, your IMSI number,and its related key.This is what tels the cellphone towers which device is assigned to which number.Now, if someone is able to clone your SIM card,they can pretend they're you.This was very popular in the early days of cellphones because if I could pretend that I was you,I could rack up lots of long distance calls and lots of minutes used on cellular and not get charged for them.Because you would get charged for them.And so people would go through and impersonate you and they would do this by cloning your SIM card.Now SIM cloning allows two cellphones to utilize the same service.And allows the attacker to gain access to the phone's personal data.So if I'm cloning your SIM card the towers think I'm you.So if somebody sends you a text message,I get a copy and you get a copy.And so now I'm able to keep track of what you're getting.Now this is very dangerous for you.The good news is that SIM has changed its ways over the years.The first versions of SIM cards were very easy to clone,but the newer SIM version 2 cards are much, much harder.So this gives us a lot more security.Now, one of the second problems we have with mobile phones and SIM cards and phone numbers is when people try to take over your phone.And so you may think, all right, great,SIM card cloning is almost a thing of the past,version 2 has taken care of it.Well, attackers are smart and they find other ways to hijack your cellphone account.What they started doing now, is they will call up your cellphone provider and pretend to be you.This is a social engineering scheme.They'll say, I just bought a new phone and I need to get it activated.And the nice customer service agent will ask them some basic questions about themselves,like maybe their date of birth,where they went to high school, their name and address,things that you can usually find online.So the attacker pretends to be you and gives that information.The customer service agent is wonderfully helpful,and they transfer your phone service from you to the attacker.Now the attacker has a phone and a new SIM card that is now attached to your number.Why are they doing this?Why do they want your phone number?Well, it comes down to two-step authentication.A lot of websites now are using two-factor authentication where you long in and they send you a text message with a secret code that you then put into the website to verify that you are who you say you are.If the attacker is able to take over your phone number,they can now pretend to be you and long into your bank, your Facebook, your Gmail,or whatever else you have for two-factor authentication.This is becoming a big problem.And so you have to be careful where you post your phone number.Because if somebody now has your phone number,and they've already stolen your account,your email, and maybe your password,they can now take over your phone number and then take over your accounts.So this is what we call ID theft, or account takeover.So, how do we combat this?Well, one of the ways is to be careful where your post your phone number.Because if you are a victim of a data breach,and somebody has stolen your name and your address and your email,and now they have your phone number,they can preform this account takeover against you.