xorl %eax, %eax

Threat Analysis: Phone Verification Bypassing


Here I will guide you through a common cyber-crime technique: bypassing phone verification services. As an additional security and verification control, many companies (Google, for example) require some sort of phone verification in order to activate an account. No cyber-criminal would ever want to do that, though, as the newly created account is likely to be used for malicious activity.

As you can see from the above, the common practice in cyber-crime circles is the use of online SMS services, usually referred to as “virtual phones”. During my investigations I have identified a few different use cases of cyber-criminals using those services, which are briefly listed below.

  • Verification of new accounts (for phishing, fraud, etc.)
  • SMS verification for fraudulent payment transactions
  • Verification during fraudulent issuing of official documents

This is not very easy to track from a blue team perspective, but it is not impossible. If you are suffering from fraudulent activity while enforcing some sort of phone verification, then this might be the reason. In that case you should probably start investing in detection of software-based phones as well as phones used by common providers of “virtual phones”.
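A sketch of what such detection could look like, as an added example that is not code from the original post: it scores phone-verification events against a list of number ranges attributed to “virtual phone” providers and against the line type reported for the number. It also goes one step beyond the text by flagging a number shared across several accounts. The prefix list, the `line_type` field (assumed to come from whatever number-lookup source you use), the threshold and all sample events are constructed for illustration and use reserved fictional number ranges.

```python
from collections import defaultdict

# Constructed list: E.164 prefixes a defender has attributed to "virtual phone" providers.
VIRTUAL_PROVIDER_PREFIXES = ("+120255501", "+447700900")
# Assumed line-type labels that indicate a software-based phone.
SOFTWARE_LINE_TYPES = {"voip", "virtual"}
# Added heuristic (not from the post): one number verifying more accounts than this.
MAX_ACCOUNTS_PER_NUMBER = 2

# Constructed verification events: (account_id, number as entered, line_type).
SAMPLE_EVENTS = [
    ("acct-1", "+1 202 555 0143", "mobile"),
    ("acct-2", "+44 7700 900123", "voip"),
    ("acct-3", "+1 303 555 0199", "mobile"),
    ("acct-4", "+1-303-555-0177", "VoIP"),
    ("acct-5", "+1 404 555 0110", "mobile"),
    ("acct-6", "+1 (404) 555-0110", "mobile"),
    ("acct-7", "+14045550110", "mobile"),
]


def normalize(number):
    """Reduce a user-entered number to '+digits' so formatting cannot hide a match."""
    return "+" + "".join(ch for ch in number if ch.isdigit())


def score_events(events):
    """Return {account_id: sorted reasons} for verifications worth a closer look."""
    accounts_by_number = defaultdict(set)
    for account, number, _ in events:
        accounts_by_number[normalize(number)].add(account)

    findings = defaultdict(set)
    for account, number, line_type in events:
        n = normalize(number)
        if n.startswith(VIRTUAL_PROVIDER_PREFIXES):
            findings[account].add("known-virtual-provider-range")
        if line_type.lower() in SOFTWARE_LINE_TYPES:
            findings[account].add("software-line-type")
        if len(accounts_by_number[n]) > MAX_ACCOUNTS_PER_NUMBER:
            findings[account].add("number-reused")
    return {account: sorted(reasons) for account, reasons in findings.items()}


if __name__ == "__main__":
    for account, reasons in sorted(score_events(SAMPLE_EVENTS).items()):
        print(account, ", ".join(reasons))
```

The reasons are signals for review or step-up verification rather than proof of fraud, since legitimate users also hold VoIP numbers.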


Written by xorl

November 27, 2017 at 20:52
