ST. LOUIS (KMOX) — Security experts say hackers are targetting smartphones more than ever.
One of the biggest concerns right now is cybercriminals circumventing one-time passcodes — or OTPs — that come by way of a SMS text message. You may receive those from banking or other financial smartphone apps.
Ori Eisen, CEO, and Founder of security firm Trusona tells KMOX News that it starts with the criminals calling your cell provider and pretending to be you.
How do they do that? Eisen says they get information about you from the internet, for example, your mother's maiden name.
"Now the telephone company thinks I'm you," Eisen says. "And I say 'I just got this new phone can you please port my number?' So when I try to log into your bank, the bank will send an SMS OTP, it's just that ... the attacker will get it, not you."
Eisen says some phone service providers allow you to set a personal identification number so that no one can make changes to your account without that PIN. He says you can also request that your provide not port your cell number without that PIN.
Eisen is the former head of the anti-fraud unit at American Express and now develops technology that replaces the need for passwords. Until passwords are obsolete, he recommends you change them, especially when you learn of a breach at an institution where you do business.