Instagram

May 18, 2018

T-Mobile Employee Made Unauthorized ‘SIM Swap’ to Steal Instagram Account

This post was originally published on this siteT-Mobile is investigating a retail store employee who allegedly made unauthorized changes to a subscriber’s account in an elaborate scheme to steal the customer’s three-letter Instagram username. The modifications, which could have let the rogue employee empty bank accounts associated with the targeted T-Mobile subscriber, were made even though the victim customer already had taken steps recommended by the mobile carrier to help minimize the risks of account takeover. Here’s what happened, and some tips on how you can protect yourself from a similar fate. Earlier this month, KrebsOnSecurity heard from Paul Rosenzweig, […]
August 16, 2018

Hanging Up on Mobile in the Name of Security

This post was originally published on this siteAn entrepreneur and virtual currency investor is suing AT&T for $224 million, claiming the wireless provider was negligent when it failed to prevent thieves from hijacking his mobile account and stealing millions of dollars in cryptocurrencies. Increasingly frequent, high-profile attacks like these are prompting some experts to say the surest way to safeguard one’s online accounts may be to disconnect them from the mobile providers entirely. The claims come in a lawsuit filed this week in Los Angeles on behalf of Michael Terpin, who co-founded the first angel investor group for bitcoin enthusiasts in […]
August 29, 2018

Instagram’s New Security Tools are a Welcome Step, But Not Enough

This post was originally published on this siteInstagram users should soon have more secure options for protecting their accounts against Internet bad guys.  On Tuesday, the Facebook-owned social network said it is in the process of rolling out support for third-party authentication apps. Unfortunately, this welcome new security offering does nothing to block Instagram account takeovers when thieves manage to hijack a target’s mobile phone number — an increasingly common crime. New two-factor authentication options Instagram says it is rolling out to users over the next few weeks. For years, security experts have warned that hackers are exploiting weak authentication […]
November 13, 2018

That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards

This post was originally published on this siteIf you own a domain name that gets decent traffic and you fail to pay its annual renewal fee, chances are this mistake will be costly for you and for others. Lately, neglected domains have been getting scooped up by crooks who use them to set up fake e-commerce sites that steal credit card details from unwary shoppers. For nearly 10 years, Portland, Ore. resident Julie Randall posted pictures for her photography business at julierandallphotos-dot-com, and used an email address at that domain to communicate with clients. The domain was on auto-renew for […]