You must log in or register to comment.
Any ideas of how we can prevent his as consumers?
Don’t use sms 2fa if you can avoid it.
If you add OTP 2fa, be sure to remove sms backup.
Literally change banks if they don’t provide a non sms way. Some might not do OTP but they do have 2fa via the app.
Buy 2 yubikey (or 3) and protect everything you can with it, but most importantly your email as breaking into your email gets them into too much
Leave negative feedback on apps and services that only allow sms 2fa
Thank you for the advice I just ordered yubikeys. Gotta stay safe out there.
Awesome! I just want to double check, you did get at least 2?
It’s important to have a backup one in case you lose one as it’s not like an OTP code you get a backup code for.
Yeah I got more than one. It’s good to have redundancy.
Seems like if the carrier just gave a new sim card to a scammer without verifying they should be on the hook for the bill?
Seems like a bad ruling, but I need more info than the article provides.
A new sim card should only be obtainable in store with valid ID.
I think the complex question is how much liability should be taking on for this sort of thing. Theoretically the losses could be massive if a rich person gets scammed… Is the liability unlimited?
Bullshit. The cell provider is the only entity with the ability to transfer a number to a new sim, they are 100% responsible and liable for the transaction.
And since many services only offer 2FA via SMS, there is even more reason that cell providers should smarten the fuck up and put some proper verification measures in place.
I hope I can use 2fa Authenticator with freedom just in case.
then how about we don’t use the sim or text message as 2FA? It sucks that both bank/CRA use text message code as 2FA method.
CRA has OTP codes now.
I personally use it instead of sms now.
good to know I will upgrade to authenticator next.
