Hacker News new | ask | show | jobs
by jdee 4670 days ago
Without going into details there are vulnerabilities that are being exploited today that are netting fraudsters millions a day and there is very little can be done to stop them.

The most interesting thing you learn about these fraud teams is that it is a job to them - meaning they work 9-5.30, dont work weekends or holidays. This is industrialised fraud on an enterprise scale.

If you wanted my advice: Dont trust any 2 factor authentication system that uses your mobile unless its for a large bank

Dont data roam with your mobile when abroad, better still, leave your mobile at home.

Before doing anything secure with your phone, call it to ensure its not been redirected

Dont say anything in a call that you wouldnt want played back to you at some point in the future...
1 comments
616c 4670 days ago
I do not offer to buy things often from stuff posted on HN.

PLEASE WRITE A BOOK. I would most definitely buy your anecdotes, and even more for anecdotes that motivated this advice to pass of to people.

Also, how did you get into the line of work you are in?

link
jdee 4670 days ago
Joined a startup as CTO/investor at an IVR company. Built up 4 years domain knowledge working with telephony fraud. exited a month ago as part of a $150m sale.

Final anecdote. A certain attack requires the fraudster to call the target's bank and ask a few questions. For some reason in ALL of these calls there is the sound of a baby crying in the background.

Our theory is that while testing the attack vector, the first time it 'worked' a baby must have been crying. The fraudsters think it works as some kind of high frequency disruption to confuse any biometric systems that are processing the call, so they play a RECORDING of a baby in the background of all subsequent calls.

It reminds me of learned behaviour in animals. The pigeon stands on one leg and gets a treat. The pigeon now thinks the one legged approach is what makes the treat appear.

The icing on the cake was when I got a call from a bank asking if there are any biometric systems that can detect the sound of crying babies...

link
ballard 4669 days ago
I was joking. :) But that is funny.

"To paraphrase Felix Dennis, 'It is like watching a millionaire point his finger at the sky, then running out to write books with titles like `How to Become A Millionaire by Pointing at the Sky`, when all along the millionaire was just trying to show people the glory of the sunset."

http://www.kiasuparents.com/kiasu/forum/viewtopic.php?t=2264...

link