SIM swapping attacks involve tricking or bribing a phone company into assigning someone else's phone number to you; once you have the number, you can intercept SMS-based two-factor authentication messages and use them to take over accounts. Read the rest

OG Users is a forum for people who steal login credentials for online services, mostly to sell desirable login-names for popular services like Instagram; it attained notoriety when Motherboard's Lorenzo Franceschi-Bicchierai linked the forum to an epidemic of SIM-swapping attacks; a few months later, the Reply All podcast devoted an episode to the forum. Read the rest

The DOJ has indicted three former Verizon and AT&T employees for alleged membership in a crime-ring known as the "The Community"; the indictment says the telco employees helped their confederates undertake "port-out" scams (AKA "SIM-swapping" AKA "SIM hijacking"), which allowed criminals to gain control over targets' phone numbers, thereby receiving SMS-based two-factor authentication codes. Read the rest

SIM Swapping is a powerful form of fraud in which criminals convince the phone company to switch your phone number to a SIM they control; once they have your phone number, they can bypass the SMS-based two-factor authentication protecting your cryptocurrency wallets, social media accounts, and other valuable systems. Read the rest

Markets for video-game assets, sanctioned and unsanctioned, are a major target for credit-card scammers, who use bots to open fake Apple accounts using stolen cards, which are then used to buy up in-game assets that are flipped for clean, untraceable cash to players. Read the rest

Online services increasingly rely on SMS messages for two-factor authentication, which means on the one hand that it's really hard to rip you off without first somehow stealing your phone number, but on the other hand, once someone diverts your SMS messages, they can plunder everything Read the rest