Slashdot Mirror

← Back to Stories (view on slashdot.org)

Scammers Work Around Two-Factor Authentication With Social Engineering

Posted by Unknown on from the duh-you-need-three-factors dept.

mask.of.sanity writes "Thieves have made off with $45k after they intercepted a victim's two factor online banking codes used to verify large transactions. The scammers got the Australian executive's mobile number from his daughter, and work place details from his willing secretary. Armed with this data, they bluffed Vodafone which ported his phone number, meaning the criminals could verify the bank's two factor verification codes generated during their spending spree and the victim never knew a thing."

9 of 186 comments (clear)

  1. Not Thieves by Anonymous Coward · · Score: 4, Funny

    They didn't steal anything real.

    I don't believe in imaginary property.

    1. Re:Not Thieves by CohibaVancouver · · Score: 3, Funny

      I don't believe in imaginary property.

      Please send me all your money, via wire transfer. Thank you.

  2. Social engineering is cheating by Anonymous Coward · · Score: 3, Funny

    Magically hacking everything is so much more interesting.

    1. Re:Social engineering is cheating by thisnamestoolong · · Score: 3, Funny

      Yes, but only if you have a gun to your head and are getting a blowjob while you do it...

      --
      To the haters: You can't win. If you mod me down, I shall become more powerful than you could possibly imagine
  3. Check out CitiBank: by Anonymous Coward · · Score: 0, Funny

    CitiBusiness Online

    I'm in the process of moving everything here as they have the best security I've seen of any bank. Their customers laugh at this article.

  4. Re:Victim never knew a thing? by srjh · · Score: 5, Funny

    As someone on Vodafone in Australia, this should immediately have started ringing alarm bells.

    No way they'd have the problems fixed in 24 hours.

  5. Re:Victim never knew a thing? by tdelaney · · Score: 2, Funny

    Considering it's the Vodafail network, a 24-hour outage would be considered normal service.

  6. Re:What's the point of this story? by Arancaytar · · Score: 4, Funny

    Also, being broke is probably a pretty good strategy for avoiding these kinds of problems.

    If you're not broke, you don't need to worry either, because the scammers can soon fix that.

  7. Re:Victim never knew a thing? by FatLittleMonkey · · Score: 4, Funny

    It's disturbing when the scammers have better customer service than the actual phone company.

    --
    Science is all about firing a drunk pig out of a cannon just to see what happens.