this post was submitted on 16 Jun 2023
8 points (100.0% liked)
Australia
3507 readers
164 users here now
A place to discuss Australia and important Australian issues.
Before you post:
If you're posting anything related to:
- The Environment, post it to Aussie Environment
- Politics, post it to Australian Politics
- World News/Events, post it to World News
- A question to Australians (from outside) post it to Ask an Australian
If you're posting Australian News (not opinion or discussion pieces) post it to Australian News
Rules
This community is run under the rules of aussie.zone. In addition to those rules:
- When posting news articles use the source headline and place your commentary in a separate comment
Banner Photo
Congratulations to @[email protected] who had the most upvoted submission to our banner photo competition
Recommended and Related Communities
Be sure to check out and subscribe to our related communities on aussie.zone:
- Australian News
- World News (from an Australian Perspective)
- Australian Politics
- Aussie Environment
- Ask an Australian
- AusFinance
- Pictures
- AusLegal
- Aussie Frugal Living
- Cars (Australia)
- Coffee
- Chat
- Aussie Zone Meta
- bapcsalesaustralia
- Food Australia
- Aussie Memes
Plus other communities for sport and major cities.
https://aussie.zone/communities
Moderation
Since Kbin doesn't show Lemmy Moderators, I'll list them here. Also note that Kbin does not distinguish moderator comments.
Additionally, we have our instance admins: @[email protected] and @[email protected]
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I think the fault lies squarely in the hands of telcos. They're meant to send you an SMS or call you to confirm any port before it happens. If they're not following those rules they should be held liable.
On another note I wish banks and other financial institutions would provide other 2FA options in addition to SMS. It's just crazy that I have better security tech on my Steam account than my bank account.
This has baffled me for years - why don't they allow MFA through Google Authenticator or equivalent? Especially when this has been a known security issue for so long. Aussie banks are really behind the times on this one.
but they call and pretend to be you and get the number ported to the SIM they have
check out the Hot Swaps episode of Darknet Diaries
But shouldn't part of that process involve verifying the customer on the phone is currently in possession of the number? ie. Sending a text with a code and having you read the code back to them. Perhaps they manage this by fooling the victim into giving them that info through some other method.
Edit: thanks for the podcast recommendation btw, subscribed and downloading now!
They usually do the latter, by pretending to have lost their phone, and verifying through some other means, whether that be from the code, or questions.
Yeah I listened to the podcast recommended a few replies back, great episode if you haven't listened already - it's hilarious how easily they can social engineer their way into accounts once they know the process:
https://darknetdiaries.com/episode/118/