Security

Your Facebook Can Be Hacked Using Your Phone Number

If you thought your online accounts were safe from hackers, think again. Hackers can now hack your Facebook account, bank account, and other online accounts through your phone number, thanks to an SS7 flaw. Thus, this isn’t an issue with the security of your favorite websites, nor an issue of having weak passwords: it’s an issue with attaching your phone number to your accounts. One of the easiest ways a hacker can get your phone number (if you don’t have it visible online) is by stealing your phone. Ensure that a thief can’t discover your phone number — or access your personal information — by activating Anti-Theft on your device:

With Anti-Theft activated in advance, you’ll be able to protect your device, and all of the online accounts attached to your phone, in the event of loss or theft. You can use Anti-Theft to remotely block anyone from accessing your device, erase all of your data, sound an alarm (if you lost it nearby) and track your phone’s location. It’s an easy step to take to further protect your device against thieves or hackers.

Read More: Can Someone Hack My Android’s Bluetooth?

The SS7 Vulnerability

SS7, also known as the global signaling system, is a protocol suite that allows devices to communicate with one another worldwide. SS7 vulnerabilities are what allow hackers and spies to intercept text messages, listen to others’ phone calls, and track smartphone users’ locations. This means that they can intercept a text message to reset your password, or even divert texts to their devices to gain access to your account.

How Hackers Can Use Your Phone Number

For hackers that know how to use SS7 to their advantage, it’s very simple to hack online accounts through a victim’s phone number. All they need to do is go to the Facebook homepage, click on “Forgot account?”, and then type in your phone number. Then, they’ll redirect the text message (that you should receive) to them, so that they get your one-time password to log into your account. This same strategy can be used to access your Gmail account or other social networking accounts, too.

More recently, this strategy has been used to hack bank accounts and drain victims’ accounts instantly. However, this process is slightly more complicated than hacking into a Facebook account. Hackers first have to steal victims’ passwords, phone numbers, and account information. Then, to authorize the transfer of money, they have to get a fake telecom provider in order to redirect the bank’s one-time password to them. Once they have this information, they can log onto victims’ accounts to transfer the money and approve the transfer because they control the whole process.

How to Protect Your Online Accounts

Because of this SS7 flaw, it’s important to never attach your phone number to your Facebook account or other online accounts. For account recovery, you should instead choose to receive email alerts. This goes for two-factor authentication, as well. Two-factor authentication will make your account much more secure — as long as you receive codes via email, not text message. You may also want to use apps that offer end-to-end encryption — in addition to activating Anti-Theft — to better protect your personal information.

 

PSafe Newsroom

The dfndr blog is an informative channel that presents exclusive content on security and privacy in the mobile and business world, with tips to keep users protected. Populated by a select group of expert reporters, the channel has a partnership with dfndr lab's security team. Together they bring you, first-notice news about attacks, scams, internet vulnerabilities, malware and everything affecting cybersecurity.

Recent Posts

Your Phone Knows Where You’ve Been. Here’s Why That Matters More Than Ever

Do you know how many places your phone can remember from just one ordinary week?…

57 years ago

Does Changing Your Password Every Week Make Your Account Safer? Myth or Fact

You’ve probably heard that changing your password every week is a smart way to keep…

57 years ago

What Happens When You Tap “Allow” on an Android App?

You install a new app, open it for the first time, and the screen pops…

57 years ago

5-Minute Monthly Phone Check: What to Review on Android

You unlock your phone to answer a quick text and, without even noticing it, pass…

57 years ago

What Happens to Your Data After You Close an App?

You open an app to order food, check your bank balance, chat with friends, or…

57 years ago

Going to Watch the World Cup? Your Phone Knows More About You Than You Think

Going to watch the World Cup? Without even noticing it, your phone follows almost every…

57 years ago