> official phone number

Great idea unless the attacker has SS7 access.

Yeah, if you're a high profile target then you need extra layers of security, but for regular folks that one weird trick is enough to make you just enough of an annoyance to make another target preferred.

But in a world with Pegasus, and telecoms in smaller vacation countries selling off SS7, etc, etc - if someone good really wants to target you normal security protocols aren't going to cut it.

▲

beeflet 5 days ago | parent [-]

I imagine it will be like SIM swapping attacks where attackers will pool all their money together, gain temporary SS7 access and conduct a ton of attacks in a short window of time. Reducing the per-attack cost.

The phone network is just not a secure channel for any sort of communication

	▲	kevin_thibedeau 4 days ago \| parent [-]
		They currently lease temporary access to specific numbers from crooked middlemen for the weak claim that they're not "buying" the numbers.

▲

wil421 4 days ago | parent | prev | next [-]

Explain how SS7 access can allow someone intercept my call back to an official number like Bank of America or a number on Fidelity a 401k support page.

▲

ElijahLynn 4 days ago | parent | prev [-]

Can you expand on what ss7 means?

	▲	dmoy 4 days ago \| parent [-]
		https://en.m.wikipedia.org/wiki/Signalling_System_No._7