Google’s Head Of Account Security Mark Risher Explains Why Cryptos Have Become A Hot Target For Cyber Criminals
Securing your online accounts from hackers requires careful attention, commitment, and a fairly good memory. Even if you try your best, there's always a chance that hackers will figure out a way in, unless you add another layer of protection. The Titan Security Key is a device from Google that will make many of your accounts virtually hacker-proof.
Mark Risher, the Head of Account Security who built the Titan Security Key explained why cryptos have become such a “hot target” for cybercriminals. He stated that the 2 Factor Authentication(2FA) that uses an SMS is to blame for the increased sim swapping cryptocurrency crimes.
What Is SIM swapping?
SIM swap scam is a type of account takeover fraud that generally targets a weakness in two-factor authentication & two-step verification, where the second factor or step is an SMS or a call placed to a mobile telephone. The fraud centers around exploiting a mobile phone operator’s ability to seamlessly port a telephone number to a new SIM.
The scam begins with a fraudster gathering details about the victim, either by use of phishing emails, by buying them from organized criminals, or by directly socially engineering the victim. Once the fraudster has obtained these details they will then contact the victim's mobile telephone provider. The fraudster will use social engineering techniques to convince the telephone company to port the victim's phone number to the fraudster's SIM.
Once this happens the victim's phone will lose connection to the network and the fraudster will receive all the SMS and voice calls intended for the victim. This allows the fraudster to intercept any one-time passwords sent via SMS or telephone calls sent to the victim, and thus to circumvent any security features of accounts.
Mark Weighs In
He began by saying:
“We commissioned some research several years ago about spam. The typical spammer would break into your account and use it purely so they could send out Viagra ads to everyone in your address book. The expected yield on one of those break-ins was thousandths of a penny. It was insignificant gain so it only worked at scale.”
The Viagara scam is similar to cryptocurrencies now. He added:
“Things like the instantaneous nature of it, the very, very low transaction fees, the frictionless nature of money moving around, the pseudonymity. All are great for legitimate users, but they really work in favour of people breaking into your account.”
He concludes by saying that it is highly advisable to use Titan Security Key if one is handling cryptocurrencies. He says:
“The Titan Key that is physically present makes SMS a non-threat. A SIM-swapper taking over a phone number is not going to give an advantage to the attackers. It is a far more robust form of 2FA than simply relying on a one-time code sent via SMS.”