The U.S. Federal Communications Commission (FCC) is adopting new rules that aim to protect consumers from cell phone account scams that make it possible for malicious actors to orchestrate SIM-swapping attacks and port-out fraud.
While SIM swapping refers to transferring a user’s account to a SIM card controlled by the scammer by convincing the victim’s wireless carrier, port-out fraud occurs when the bad actor, posing as the victim, transfers their phone number from one service provider to another without their knowledge.
SIM swapping has emerged as a serious threat, enabling threat actors like LAPSUS$ and Scattered Spider to infiltrate corporate networks. Migrating the service to an actor-controlled device gives the attackers the ability to divert SMS-based two-factor authentication codes and take over victims’ online accounts.
The development comes as the FCC said it’s also launching an inquiry to understand the impact of artificial intelligence (AI) on robocalls and robotexts.
“AI could improve analytics tools used to block unwanted calls and texts and restore trust in our networks,” the agency said. “But AI could also permit bad actors to more easily defraud consumers through calls and text messages, such as by using technology to mimic voices of public officials or other trusted sources.”
Source: https://thehackernews.com/