Beware! Sim Swappers can hijack PayPal and Venmo to steal money and other private information

Despite clear warning from researchers, that safety measures should be applied to prevent the system from getting hijacked, some tech companies are still not taking security issues seriously, and they have to face the loss, and some have not even fixed the system.

There are significant individual companies that we all are using it frequently, not knowing the fact that their users accounts can get hijack any second. Some of those companies are PayPal, Venmo, WordPress, Amazon, and Yahoo.

If we shed light on the list of apps, these are apps we are all using it for different purposes such as online shopping even for content management such as WordPress. Now comes the question that people argue is that they secure their account or change their password frequently. One thing that's common in these apps is that they all require cellphone numbers. Now if for instance, Hacker takes control of the victim's phone, in a matter of seconds they can have the control of the victim's phone number and sim, which means they can easily access to the victim's digital accounts.

When this news was made public, many people were deliberately shocked that those companies on the list are the ones who could not even think of would have authentication issues. However, according to Princeton University researchers, when outreached, some of these companies, which include Adobe, Blizzard, Microsoft, Snapchat, were successful in making the privacy of their users as their priority. Others did not take that seriously and stated that as the problem of the users.

However, the apps that have more important information as compared to others are PayPal and Venmo. They both are mode of transferring money, while PayPal facilitates a wide variety of users all around the globe, hence these apps have information of million users.

To be precise, data includes not only cell phone numbers but the bank account numbers and credit cards too.

When people got to know about the authentication policy and how dangerous it could be, they all requested to look over that problem as anyone can be the next victim.


Looking at the scenario from the other side, this policy exists. This policy is designed and used by many known apps for the convenience of its users. This policy makes it easier to reset the password if the user forgets it.

However, people see this policy more like a problem as, along with the advancement, hijacking is becoming more manageable, and using those apps is riskier.

Consumers are still appealing companies to make the privacy of the user as their top priority. However, there are specific measures that users can take from their side to ensure privacy and safety. For affected users, the very first thing (if possible) that they can be done is to unlink their hacked number from those accounts that they've used for verification. The next better strategy that can be adopted to dodge SIM swappers is to use a VoIP number, such as Google Voice. This digital number is much challenging to hijack as they are not an actual SIM number, hence reduce the risk of personal information getting revealed.



Read next: A Hacker Was Rewarded $75000 By Apple's Bug Bounty Program For Discovering Multiple Zero-Day Loopholes In Safari

No comments:

Post a Comment