If your phone number is attached to all of your online accounts, you may want to review that decision. Find out why this practice is so dangerous.
If you have ever thought that your online accounts are safe from hackers, think again. Hackers can now hack your Facebook account, bank account, and other online accounts with your phone number, due to an SS7 error. So, this is not a problem for the security of your favorite websites, nor is it a problem for having weak passwords: it is a problem for entering your phone number into your accounts. One of the easiest ways for a hacker to get your phone number (if you don’t have it visible online) is by stealing your phone. Make sure the thief can’t find your phone number – or access your personal information – by activating Anti-Theft on your device:
With Pre-activated Anti-Theft, you will be able to protect your device, and all online accounts attached to your phone, in the event of a loss or theft. You can use Anti-Theft to remotely block anyone from accessing your device, erase all your data, sound an alarm (if you drop it nearby), and track the location of your phone. It’s an easy step to take to further protect your device from thieves or hackers.
The SS7, also known as the global signaling system, is a system that allows devices to communicate globally. SS7 vulnerability is what allows hackers and spies to capture messages, listen to calls from others, and track the location of smartphone users. This means they can get a text message to reset your password, or divert texts to their devices to gain access to your account.
For hackers who know how to use SS7 to their advantage, it is very easy to hack online accounts with the victim’s phone number. All they have to do is go to the Facebook homepage, click on “Forgot your account?”, And type in your phone number. After that, they will redirect the text message (which you should receive) to them, so that they can get your one-time password to log in to your account. The same strategy can be used to access your Gmail account or other social media accounts, too.
More recently, this tactic has been used to hack bank accounts and to get rid of victims’ accounts quickly. However, this process is much more complicated than hacking into a Facebook account. Hackers must first steal the victims’ passwords, phone numbers, and account information. After that, to authorize a transfer, they must find a different telephone provider to reset the one-time bank password for them. Once they have this information, they can log into the victims’ accounts to transfer money and approve the transfer because they control the entire process.
Due to this SS7 error, it is important that you never attach your phone number to your Facebook account or other online accounts. By recovering an account, you must choose to receive email alerts. This requires two-factor authentication, too. Two-factor authentication will make your account more secure – as long as you receive codes via email, not a text message. You may also want to use applications that offer end-to-end encryption – in addition to using Anti-Theft – to better protect your information.