Another day to take caution of sim swap attack

[Rikafip]

How is a sim swap possible?

All that you need for successful sim swap is one incompetent and not enough educated person working for those telecommunication companies and that's probably what happened here.

Still, its baffling that people like Bitalik are not taking better care of their social media accounts and still use mobile phone number for 2FA, when they know (or at least they should) what kind of damage hacjker can do if he gets control over it.

[Crypt0Gore]

Pray you don't become a victim to sim swapping attack, even if you act very fast and report the issue it's still not the end, There was a story online about a man in New Jersey who was a victim and reported back to his service provider customer care, they fixed the issue and he believed them, few months later they stole all his crypto assets.

If a culprit is working as the customer service in the sim company then this is possible, this was what everyone starts thinking, sometimes, this evil act can also come from those within your circle, someone very close can install some spying software in your phone without you knowing, this is why I don't give up my phone to any family and relatives, it takes seconds to minutes to install something you don't know on your smartphone and they will keep spying on you.

[Lucius]

How is a sim swap possible?
Here in my country before you request anything from the sim carrier like requesting for sim replacement you need to provide a selfie and submit a few documents for verification. So how does Vitalik Buterin fall to this attack?
~snip~

I also wondered that until I once had to replace my old SIM and I went to the physical office of my operator who only asked for my existing mobile number and nothing more - in one minute I had a new SIM card. I never thought of using a mobile number for 2FA before (and especially after that), and as for how Mr. Vitalik managed to lose his account is something that speaks volumes about how intelligent he is.

A man who has been trying to dethrone Bitcoin for 10 years and who suddenly concluded that POS is better than POW is not even capable of protecting an ordinary account on a social network.

[Razmirraz]

The victim of this attack is one of the big names who has many followers, someone like Vitalik, who is known as one of the founders of the Ethereum platform, can still be infiltrated by hackers. It's not that he already knew the risk that weak Twitter account security would be very detrimental to other people due to the influence he has, so why did he ignore this risk and not strengthen the security of his Twitter account using 2FA? Attacks via SIM cards are very easy to carry out without other security support such as 2FA. This incident teaches us to be more careful in accessing suspicious or phishing links.

[Peanutswar]

Imagine even the top valuable names get attacked their account if these person use the another layer of security to their devices like the 2FA there's a chance might be aware and have this preventive measures well right now there's no really safe in the internet reason why your credentials must be secured.
I guess this could serve as an expensive mistakes to the victim and of course possible ruins or damage Vitalik's name at this point.

[CryptSafe]

I am still wondering this whole scenario of a thing. If a computer guru, the founder of ethereum blockchain could have his phone simcard swap and got his account hacked I was also wondering how the novice that knows nothing about tech could be going through without their knowledge of being hacked.

This is the more reasons one needs to act and play safe with their devices and gadgets. Nobody can tell who the target could be. Avoid clicking on links you know nothing about. If you are not expecting a mail from anybody and you receive unsolicited messages do well to press the delete button with immediate effect to be on the safe side.

Lastly, take Cognizance of your call log and activities. Never give your phone to strangers for a minute call or whatsoever otherwise you will have yourself to blame when the repercussion comes knocking at the door.

[Xal0lex]

The phone has always been a weak point for crypto users, especially when it comes to making any crypto transactions, gaining access to an account or other confirmation methods. I prefer to trust passwords, two-factor authentication and email confirmation for any login attempt with a new device or new IP.

The Quickstart Guide to Protecting Against SIM Swaps

[sokani]

I am still wondering this whole scenario of a thing. If a computer guru, the founder of ethereum blockchain could have his phone simcard swap and got his account hacked I was also wondering how the novice that knows nothing about tech could be going through without their knowledge of being hacked.

You don't need to wonder how it happened because sim swap is not new and the hacker had help from someone in the telecommunication company. As a tech expert and with the incessant cases of sim swap on the rise, I expected him to fortify his account with another layer of security. If he had added 2FA to his Twitter account, it would have made it impossible for the hacker to hijack the account and send the phishing link. Sadly, persons who fell for the click bait have to learn the hard way and newbies can also learn from this.

[CryptSafe]

I am still wondering this whole scenario of a thing. If a computer guru, the founder of ethereum blockchain could have his phone simcard swap and got his account hacked I was also wondering how the novice that knows nothing about tech could be going through without their knowledge of being hacked.

You don't need to wonder how it happened because sim swap is not new and the hacker had help from someone in the telecommunication company. As a tech expert and with the incessant cases of sim swap on the rise, I expected him to fortify his account with another layer of security. If he had added 2FA to his Twitter account, it would have made it impossible for the hacker to hijack the account and send the phishing link. Sadly, persons who fell for the click bait have to learn the hard way and newbies can also learn from this.

It all points towards my curiosity and making it pertinent that one must be careful and be able to protect their details safely so as to avoid hack or if per adventure any attempt is made, there would be a prompt from the end of the account owner but what baffles me on is that the victim is a computer guru himself and a founder of the Second largest blockchain itself. He is the list person I would hear about suffering hack from scammers when in the reality he himself knows more about the industry and how it works.

[albon]

Just like not your keys not your coins is repeated on the forum, it seems sim swap attack warning/awareness needs to be spread as such.

It is not news again that co-founder of Ethereum Vitalik Buterin had his twitter(X) account hacked. This lead to a phishing link been posted and many lost their funds.

Now Vitalik himself has come out to said the attack was through his T-Mobile phone number by sim swap and the hacker got access to his X account through requesting for the authentication through phone number.

Vitalik is one of the most prominent names and personalities in the crypto market, and he is not the only one exposed to a sim swap attack. I can say that many prominent figures like him were exposed to this attack previously, such as Jack Dorsey. The sim swap attack has been common for years. Scammers use it after deceiving the mobile network operators under any pretext to obtain the new SIM cards of prominent and influential people who have accounts containing millions of followers and substantial financial accounts so that they can obtain calls and messages to the victims’s SIM cards so that they can hack their accounts.

What I know is that it is an attack targeting specific people and not a random attack. Also, as the OP mentioned, some signs are easy for anyone subjected to this attack to recognize. Still, he must be on the lookout for his phone, which has a SIM card constantly. He must link his accounts instead of two-factor authentication to the SIM number, which must be done through the Google Authenticator application or YubiKey or GoogleTitan Key.

[Z390]

Sim swap attacks are real, I am surprised that someone like him isn't taking this very seriously, he should know better than anyone else, I refused to link my phone number to any crypto or social media account, I believe that those who works in the telecom companies can easily sim swap anyone numbers.

My advice is people should stop using their phone numbers as the only way to access their social account, bank account and crypto exchange accounts, make sure you set up three ways of receiving verification codes before you can log into your accounts, I used to add phone numbers, but now I don't.

Now I prefer to use a special code that's know to me, a code to my email account, and another code through 2FA authentication, for hackers to get into my account, they will need all these codes at once, it will be extremely hard for them to get all the codes. 

[Saint-loup]

How is a sim swap possible?

All that you need for successful sim swap is one incompetent and not enough educated person working for those telecommunication companies and that's probably what happened here.

Still, its baffling that people like Bitalik are not taking better care of their social media accounts and still use mobile phone number for 2FA, when they know (or at least they should) what kind of damage hacjker can do if he gets control over it.

In some countries you don't even need to mislead a telecommunication company employee with social engineering. Because phone numbers have a "Porting Authorisation Code" allowing them to be bounded(ported) to a new SIM card. So if someone knows this code he can steal your phone number, and receive SMS and calls on his phone.
https://en.wikipedia.org/wiki/Porting_Authorisation_Code