Sunday, February 16, 2014

What Every Mobile Phone User Should Know

So I tweeted this morning about a potentially serious privacy/ security breach that anyone who uses a cellphone should be aware of. I've got the details below, but a little background first.

I recently bought a new sim card for a smartphone. The number I was issued had been 'recycled'; i.e. it had been used by someone earlier who had then returned it. Small problem: 'Vishal K.' forgot to inform his bank, his life insurance company and about half-a-dozen other firms who store his personal information.

The result: every few days, I receive an SMS meant for Vishal. Sometimes it's innocuous; a new sale at a store, or the usual spam texts about real estate. Gosh, I even know what RO water purifier system he uses.

But three events in particular got me very worried. The first was a series of texts from his bank. The second was a series of texts from his life insurance provider and the third was a birthday wish from a store.

I now know Vishal K's bank, his loan account number, his life insurance policy number, its premium value and his birthday. If I was your proverbial bad guy, I'd already be "social engineering" him. That would give me access to more personal data that would allow me to impersonate him.

As someone who covers cyber security, this worries me greatly. Most real world and even online services only require details such as your birth date or email or address to confirm your identity. If a hacker gets their hands on these, it's game over.

The really good hackers can make you pay, literally. In fact, you really should read this excellent and chilling piece. A reporter challenged a group of hackers to find out everything they could about him. Their creativity and skills gave them control of everything (and I do mean EVERYTHING!) in his life, except his children. Even that was only because he expressly told them his kids were off limits.

I should add here that I have already informed Vishal K's bank and life insurance provider about the problem. However, I think you can see exactly how this could have worked out very, very badly for him.

The problem here is how mobile operators assign new connections. Sometimes, new number series open up, but most new subscribers are given recycled numbers. If the person who used the number before you forgot to unregister his/ her mobile number, you are going to receive texts meant for them. There is no way to avoid this.

So, if you do change your mobile number please, please, please make sure you update this with critical service providers. Important personal information could fall into the wrong hands. Once that happens, you can easily lose control of everything from your email IDs to social media accounts or worse, your bank accounts. Stay safe! 

12 comments:

  1. Piere, I wonder if you talked to the service-provider in the capacity of a journalist. They need to be told that they can't get away with such carelessness. Thanks for this information.

    ReplyDelete
    Replies
    1. Athar, I just might do this. Vodafone's response to me was literally a shrug of the shoulders.

      Delete
  2. Recently got a Post Paid number from Vodafone Mumbai which was also a recycled Number. As it turns out this number used to belong to the owner of some transport company which is now shut. Not only that the Owner has swindled around a crore from different Banks and suppliers of his company. Now i am getting calls from these Banks, Suppliers who refuse to believe that I am not the Transport Owner. Since i got this Number for My Tablet i have Now blocked all incoming calls and only use the Data Connection.

    ReplyDelete
    Replies
    1. Thanks for your comment 'aanaik'. I did exactly the same thing. It means no more calls, but the texts continue. In my case, Vishal K's bank was accommodating and said they would get in touch with him ASAP and delist this number. His life insurance company only said 'Sorry for the inconvenience'.

      Delete
  3. Real eye opener Bro
    Good job....proud of you

    ReplyDelete
  4. Nice post. You can't store everything on your mobile device, especially if it's something important and has to be private. I can suggest dataroom software from my own experience.

    ReplyDelete
  5. Mobile phone users have three or four unused phones lying around. samsung galaxy s8 cases

    ReplyDelete
  6. There are many designs and models available. Candybar models are the most common design. They are narrow and easily fit into a protective case. nokia 3 5 6 android phone

    ReplyDelete
  7. Those are some of the top providers of cell phone plans for seniors in the US. It all depends to the user on what type of plan and carrier will be suited for his or her lifestyle since all rates are competitive. nigeria education news now

    ReplyDelete
  8. Times are hard right now and who doesn't need an additional couple of pounds in their pocket? A fast and simple approach to profit online with least exertion is to offer old cell phones. visit this site

    ReplyDelete
  9. This technique won't enable you to discover mobile phone numbers be that as it may.how expensive is a 0800 line?

    ReplyDelete

Be respectful to others here or your comment will be deleted.