5 Things You Need to Know about the T-Mobile Data Breach and SIM Swapping

sim swapping

The recent T-Mobile data breach(es) was one of the largest in history, affecting over 50 million customers. The hackers were able to access customers’ names, dates of birth, social security numbers, and other sensitive information. Most importantly, the hackers got away with the entire dataset that T-Mobile had for most of those customers.

The result is that those customers are now at a significantly greater risk of being the victim of what’s known as a SIM Swapping attack.

SIM Swapping involves convincing a mobile phone carrier to transfer a victim’s phone number to a new SIM card controlled by the attacker. This fraud is usually accomplished by being able to provide to the carrier answers to questions about personal information that the carrier then checks against the information in its dataset. This type of attack (generally) relies not on the security readiness of the individual, but on weaknesses in the mobile phone industry to gain access to your phone number.

Once the attacker has control of the phone number, they can use it to access the victim’s accounts and steal their money. It’s a particularly dangerous attack if the person relies on their phone as an element of any multi-factor authentication, especially via text message (SMS).

In this episode, we discuss:

  • What is “SIM Swapping,” and how can it be used against you;
  • Why the T-Mobile data breach(es) are so concerning;
  • The need for mobile phone companies to improve their security measures to prevent SIM swapping attacks; and
  • The steps we can all take to limit the effectiveness of this type of attack.

For more information, resources, and a transcript of this episode, check out the original post.

Why Business Email Compromise is the Cyber Criminal’s Most Devastating Weapon

business email compromise

You’ve probably heard stories like this one before: A person in a business is supposed to send a wire transfer to another business. They receive an email at the last minute, often with a panicked tone, making an urgent request – their primary bank account is unavailable, so the money will need to be sent to a different bank.

The email is from a recognized email address. It looks like their emails (with all the right typos and grammatical mistakes), and even “sounds” like them. The panicked tone and urgent demand put the reader into emergency mode – changes will have to be made quickly to get this transfer done on time. Both management and the receiving company will likely appreciate the hard work.

The money is sent, but later that day a representative from the other company calls asking about the money. It was never received. Because the new wiring instructions caused the funds to be sent to an account controlled by a hacker. And absent a miracle, it’s gone.

The email looked right. It even felt right. But it wasn’t. It was sent by a hacker. It was the result of a Business Email Compromise.

In this episode, we discuss:

  • What is a Business Email Compromise;
  • What can a hacker who gains access to a business email account do with it;
  • Why BEC scams have become so common and so lucrative; and
  • How can you protect yourself against these insidious, relentless attacks?

For more information, resources, and a full transcript of this episode, check out the original post.

The 6 Best Password Managers for Individuals and Families in 2023

password managers

We all have multiple online accounts that require us to create user accounts with a login and password. The days of reminding you not to use your pet’s five-letter name on all of your accounts should be long gone, and hopefully you’re at least making an effort to keep your passwords strong.

However, the days when we only had a handful of logins to remember are long gone as well. With so many different passwords to remember, it’s simply not possible to create and remember passwords for all those accounts that are both unique and strong.

You need a Password Manager. (more…)

8 Easy Steps You Can Take Right Now to Secure Your Personal Privacy and Identity [Podcast]

personal privacy

How can you ensure that your identity and your personal privacy are protected online? The answer likely isn’t going to be what you want to hear:

You have to make sure it’s protected. You do. You can’t rely on anyone else.

It’s true, there are threats everywhere, and with us walking around with our entire lives in our computers and smartphones, we have put all of our personal data in one convenient, well-organized package for anyone willing to try and take it.

Fortunately, a little cybersecurity goes a long way. As it turns out, there are some basic steps you can take to protect your privacy and your identity from threat actors and bad luck. In this episode of the
podcast, we return to the subject of protecting your personal information from prying eyes and malicious actors. In this episode, we focus on the small steps, the little tools, the tweaks in your regular behavior, that will dramatically improve your personal privacy.

In this episode, we discuss:

  • The options available to people who are interested in greater personal privacy protection;
  • Why being a little more secure is both easy to do and easy to ignore;
  • How a simple change in a few habits can really improve your personal privacy and help protect you from identity theft; and
  • Eight steps you can take, today, that will help secure your online personal privacy and protect your identity.

For more information, resources, and a transcript of this episode, check out the original post.

6 Easy Ways to Secure Your Personal Data and Devices [Podcast]

personal data

The speed and pace at which technology moves these days can be dizzying and hard to keep up with, even for those of us who do so as our profession. It’s almost impossible to keep up with how security and other data privacy issues evolve.

Despite the rapid changes, the new technology, and the constant threats from cybercriminals and others who are constantly trying to obtain your personal information, there are basic steps you can take to protect yourself. In this episode, we discuss six easy steps that you can take to secure your personal data and devices, and in so doing, dramatically improve your personal security.

For more information, resources, and a transcript of the episode, check out the original post.

Pin It on Pinterest