Flash Talk: SIM Swapping and Rethinking Identity

Flash Talks is an exclusive Flashpoint speaker series during which our analysts share insights gleaned from global cyber and physical landscapes.



The term SIM swapping has historically referred to phone number takeover using a variety of different methods. Malicious actors are hijacking and transferring phone numbers to devices under their control at an alarming rate These recent SIM swapping cases and high value fraud situations have highlighted weaknesses in the current procedures leveraged by companies to verify customer accounts. Attackers have proven that ownership of phone numbers is not reliable.

The methods used to successfully takeover an account have included password reuse, social engineering of customer service professionals, and using leaked personal information (such as SSNs) to authenticate access to and subsequently modify an account. Director of Security Research Allison Nixon will discuss some of these techniques used by attackers to successfully authenticate individuals, and why we may need to abandon the old methods.

Allison Nixon

*This Flash Talk was recorded on Tuesday, October 16, 2018.

Please submit the form below to begin playing the video: