lingo.lol is one of the many independent Mastodon servers you can use to participate in the fediverse.
A place for linguists, philologists, and other lovers of languages.

Server stats:

66
active users

#simswapping

0 posts0 participants0 posts today
Efani<p>$38,000… GONE while he was sleeping.</p><p>That’s how fast SIM-swapping can destroy your financial life.</p><p>In just 3 hours, a hacker took over Justin Chan’s phone number, intercepted his two-factor codes, and emptied his bank and trading accounts. No alarms. No notifications. Just silent access and drained funds.</p><p>It didn’t happen because he was careless.<br>It happened because the attacker exploited a broken system:</p><p>- His mobile carrier transferred his number to a new device without proper checks<br>- His 2FA codes were sent to that new device<br>- His bank and investment apps trusted that number</p><p>This is the $38,000 mistake most people never see coming. Because by the time you realize something is wrong — it’s already too late.</p><p>The worst part? Getting the money back was harder than the hack itself.<br>It took media pressure, endless follow-ups, and months of stress just to get refunded.</p><p>Mobile numbers are the new master key — and most people are handing them out unlocked.</p><p>If your 2FA is tied to your phone number, it's time to change that.<br>If your carrier doesn’t lock down your SIM by default, it’s time to upgrade.<br>And if your bank’s idea of protection is a form letter and a closed case, don’t wait for a wake-up call at 3AM.</p><p><a href="https://infosec.exchange/tags/SIMSwapping" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIMSwapping</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/MobileSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MobileSecurity</span></a> <a href="https://infosec.exchange/tags/2FA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>2FA</span></a></p>
KrebsOnSecurity RSS<p>Feds Charge Five Men in ‘Scattered Spider’ Roundup</p><p><a href="https://krebsonsecurity.com/2024/11/feds-charge-five-men-in-scattered-spider-roundup/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">krebsonsecurity.com/2024/11/fe</span><span class="invisible">ds-charge-five-men-in-scattered-spider-roundup/</span></a></p><p> <a href="https://burn.capital/tags/AhmedHossamEldinElbadawy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AhmedHossamEldinElbadawy</span></a> <a href="https://burn.capital/tags/EvansOnyeakaOsiebo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EvansOnyeakaOsiebo</span></a> <a href="https://burn.capital/tags/Ne" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ne</span></a>'er-Do-WellNews <a href="https://burn.capital/tags/NoahMichaelUrban" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NoahMichaelUrban</span></a> <a href="https://burn.capital/tags/ALittleSunshine" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ALittleSunshine</span></a> <a href="https://burn.capital/tags/JoelMartinEvans" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JoelMartinEvans</span></a> <a href="https://burn.capital/tags/ScatteredSpider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ScatteredSpider</span></a> <a href="https://burn.capital/tags/SIMSwapping" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIMSwapping</span></a> <a href="https://burn.capital/tags/Mailchimp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mailchimp</span></a> <a href="https://burn.capital/tags/Namecheap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Namecheap</span></a> <a href="https://burn.capital/tags/Joeleoli" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Joeleoli</span></a> <a href="https://burn.capital/tags/lastpass" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>lastpass</span></a> <a href="https://burn.capital/tags/T" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>T</span></a>-Mobile <a href="https://burn.capital/tags/Kingbob" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kingbob</span></a> <a href="https://burn.capital/tags/ogusers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ogusers</span></a> <a href="https://burn.capital/tags/Oktapus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Oktapus</span></a> <a href="https://burn.capital/tags/Twilio" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Twilio</span></a> <a href="https://burn.capital/tags/Tylerb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tylerb</span></a> <a href="https://burn.capital/tags/Okta" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Okta</span></a> <a href="https://burn.capital/tags/Sosa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sosa</span></a></p>
Richi Jennings<p>Widespread spam targets carrier employees, as scrotes try harder to evade two-factor authentication.</p><p>It’s no secret that cellular carrier reps are subject to bribery. Here’s a great example. Yes, again with the <a href="https://vmst.io/tags/SIMswapping" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIMswapping</span></a>.</p><p>Someone seems to have stolen a contact list of T-Mobile employees and is texting them offers of bribes to execute SIM swaps. But T-Mobile denies it’s been hacked… again.</p><p>Here’s the soft underbelly of the insider threat model. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SBBlogwatch</span></a>, we balk at the three-Benjamin bribes. At @TechstrongGroup’s @SecurityBlvd: <a href="https://securityboulevard.com/2024/04/sim-swap-bribe-t-mobile-300-richixbw/?utm_source=richisoc&amp;utm_medium=social&amp;utm_content=richisoc&amp;utm_campaign=richisoc" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityboulevard.com/2024/04/</span><span class="invisible">sim-swap-bribe-t-mobile-300-richixbw/?utm_source=richisoc&amp;utm_medium=social&amp;utm_content=richisoc&amp;utm_campaign=richisoc</span></a></p>
The New Oil<p>Former telecom manager admits to doing SIM swaps for $1,000</p><p><a href="https://www.bleepingcomputer.com/news/security/former-telecom-manager-admits-to-doing-sim-swaps-for-1-000/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/former-telecom-manager-admits-to-doing-sim-swaps-for-1-000/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://mastodon.thenewoil.org/tags/SIMSwapping" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIMSwapping</span></a> <a href="https://mastodon.thenewoil.org/tags/InsiderThreat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InsiderThreat</span></a></p>
Benjamin Carr, Ph.D. 👨🏻‍💻🧬<p><a href="https://hachyderm.io/tags/SEC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SEC</span></a> confirms X account was hacked in <a href="https://hachyderm.io/tags/SIMswapping" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIMswapping</span></a> attack<br>"Two days after the incident, in consultation with the SEC's telecom carrier, the SEC determined that the unauthorized party obtained control of the SEC cell phone number associated with the account in an apparent 'SIM swap' attack."<br>In a <a href="https://hachyderm.io/tags/SIMswap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIMswap</span></a> attack, threat actors trick a victim's wireless carrier into porting a customer's phone number to a device under the attacker's control. <a href="https://www.bleepingcomputer.com/news/security/sec-confirms-x-account-was-hacked-in-sim-swapping-attack/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/sec-confirms-x-account-was-hacked-in-sim-swapping-attack/</span></a> <a href="https://hachyderm.io/tags/Bitcoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bitcoin</span></a> <a href="https://hachyderm.io/tags/BitcoinETF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BitcoinETF</span></a></p>
Benjamin Carr, Ph.D. 👨🏻‍💻🧬<p><a href="https://hachyderm.io/tags/HomelandSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HomelandSecurity</span></a> report details how teen <a href="https://hachyderm.io/tags/hackers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hackers</span></a> exploited security weaknesses in some of the world's biggest companies<br><a href="https://hachyderm.io/tags/Lapsus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Lapsus</span></a>$, as well as other hacking groups, conduct <a href="https://hachyderm.io/tags/SIMswapping" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIMswapping</span></a> attacks that can take over a victim's phone number by having it transferred to another device, thereby gaining access to <a href="https://hachyderm.io/tags/2FA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>2FA</span></a> security codes and personal messages. These can then be used to reveal login credentials and access financial information.<br><a href="https://www.cnn.com/2023/08/10/politics/dhs-hacking-report/index.html" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cnn.com/2023/08/10/politics/dh</span><span class="invisible">s-hacking-report/index.html</span></a></p>
Anthony Collette :donor: / Loistava<p>Psycho Bunny To The Rescue</p><p>After gaining control of her phone, hackers ripped off Avery Hartmans for $10,000.</p><p>Even worse, her credit card company didn’t believe the charges were fraudulent. Three weeks shy of her wedding, she was saddled with $9,778.24 in debt.</p><p>This interactive retelling of her ordeal is an awesome way to introduce people to the reality of organized crime attacking ordinary consumers through SIM swapping and physical theft of credit cards.</p><p>You don’t have to be “somebody special” to wind up on the receiving end of digital fraud.</p><p>And half of all victims of identity theft wind up being victimized again.</p><p>This is a great read, and the interactive pieces make the story more engaging.</p><p><a href="https://www.businessinsider.com/credit-card-phone-theft-sim-swap-identity-theft-investigation-2023-4" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">businessinsider.com/credit-car</span><span class="invisible">d-phone-theft-sim-swap-identity-theft-investigation-2023-4</span></a></p><p><a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a><br><a href="https://infosec.exchange/tags/SIMSwapping" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIMSwapping</span></a><br><a href="https://infosec.exchange/tags/PsychoBunny" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PsychoBunny</span></a></p>
Anthony Collette :donor: / Loistava<p>Psycho Bunny To The Rescue</p><p>After gaining control of her phone, hackers ripped off Avery Hartmans for $10,000.</p><p>Even worse, her credit card company didn’t believe the charges were fraudulent. Three weeks shy of her wedding, she was saddled with $9,778.24 in debt.</p><p>This interactive retelling of her ordeal is an awesome way to introduce people to the reality of organized crime attacking ordinary consumers through SIM swapping and physical theft of credit cards.</p><p>You don’t have to be “somebody special” to wind up on the receiving end of digital fraud.</p><p>And half of all victims of identity theft wind up being victimized again.</p><p>This is a great read, and the interactive pieces make the story more engaging.</p><p><a href="https://www.businessinsider.com/credit-card-phone-theft-sim-swap-identity-theft-investigation-2023-4" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">businessinsider.com/credit-car</span><span class="invisible">d-phone-theft-sim-swap-identity-theft-investigation-2023-4</span></a></p><p><a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a><br><a href="https://infosec.exchange/tags/SIMSwapping" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIMSwapping</span></a></p>
Efani<p>&gt; 400M Twitter accounts data is on sale, among which the most critical are username, mobile numbers &amp; email. Hacker was able to provide a sample list of 1000 usernames, and our founder Haseeb Awan was able to verify many of them.</p><p>There are some serious concerns with the <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a></p><p>1 - Identities of many pseudo accounts will be public<br>2 - With a phone number, it's super easy to find anyone's address and banking information.<br>3 - Multiple phishing attempts via cellphone, physical, or email<br>4 - <a href="https://infosec.exchange/tags/simswapping" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>simswapping</span></a> attacks to take over your bank account, social media, or confidential information</p><p>Preventative tips:</p><p>1 - Ensure that your MFA/non-sms 2FA is turned ON for every account that you use via <a href="https://infosec.exchange/tags/Authy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authy</span></a> <a href="https://infosec.exchange/tags/GoogleAuthenticator" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GoogleAuthenticator</span></a><br>2 - Switch to <span class="h-card"><a href="https://infosec.exchange/@Efani" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Efani</span></a></span> (irrespective of biasness, we have a 100% track record of securing your phone number, and no one provided any insurance)<br>3 - Use a <a href="https://infosec.exchange/tags/passwordmanager" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passwordmanager</span></a>. Keeper Security Enterprise password Manager is ideal, but <a href="https://infosec.exchange/tags/DYOR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DYOR</span></a>.<br>4 - Call your bank and tell them to put a limit on withdrawals above<br>5 - Use a hardware wallet. <a href="https://infosec.exchange/tags/NGRAVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NGRAVE</span></a> which is ideal, but <a href="https://infosec.exchange/tags/DYOR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DYOR</span></a>.<br>6 - Get Optery, getagency.com, or BLACK CLOAK for digital security</p>