Corporate espionage could never be as easy as this, and Pakistan is the place, where the securest new technology becomes the most vulnerable, with ease. DESIGN: ESSA MALIK
What if I tell you that your mobile SIM can be duplicated and used by another person for different motives, without you getting to know about it, let alone your approval?
I know it’s illegal, but it’s happening. Now think beyond the misuse of your phone number, the possible impersonation itself. What about the two-step authentication you have on your Google, Facebook and other accounts? The two-step authentication requires you to enter the code it sends you on your mobile, in case you forget your password or if you login from an unknown device for the first time. And since the hacker already has your SIM, expect your Facebook and Google accounts to get compromised like a piece of cake.
This is the recent loss, some of the high-level officials on the CEO slot have faced. Corporate espionage could never be as easy as this, and Pakistan is the place, where the securest new technology becomes the most vulnerable, with ease.
Imagine the company secrets you had in your Gmail or any other Google product account that gets compromised, just because your SIM gets hijacked.
Similarly, last month, around 50 large-scale Facebook pages of well-known brands were hacked in the same fashion, in one day, as soon as their Facebook accounts got compromised after SIM hijacking, resulting in multi-million losses.
So who’s the culprit and where does the crime stem from? The answer: the black sheep dwelling within the telecom carriers – the same people who are also responsible for handing over long lists of phone numbers that belong to females, which guys later use for prank calls and other abuse.
Some of the victims of these hijackings even contacted NR3C, PTA, their respective ISPs and even the Federal Investigation Agency. None of these authorities bothered to budge.
My two cents
If you really need to put the two-step authentication on, try purchasing a separate SIM, which is only specific for this purpose, and never share that number in public.
There’s also an Android app called Anti/Android Network Toolkit that helps people hack an entire Android smartphone. People are using it for different motives such as identifying open networks through wi-fi scanning and then finding all vulnerable devices on that network, which can reveal the IP addresses of servers out of range.
Once a target device is selected through that app, “Man-In-The-Middle” feature on the app allows hackers to eavesdrop and monitor that device, apart from the most-deadly “Attack” feature, which is self-explaining in its name.
Another great crime that is being done on a corporate level, in a very sophisticated fashion, is the selling of databases and select user base data by huge local publishers and websites such as e-commerce portals, job finding sites, etc, through the help of media buying companies. So the next time you enter your phone number, NIC, address or any other piece of sensitive data, just make sure that slogan of the website, “Everything sells here”, might be literal.
That’s when you realise that the internet and law enforcing authorities in this country are a set of nincompoops and we don’t need a foreign entity like NSA, when we digitally dwell under an incompetent umbrella that doesn’t know what crimes are happening at the most part, meanwhile they’re busy banning YouTube, porn and torrent sites.
The writer runs a software company in Dubai and a healthcare startup in New York.
Published in The Express Tribune, July 29th, 2013.
Like Business on Facebook, follow @TribuneBiz on Twitter to stay informed and join in the conversation.
COMMENTS (11)
Comments are moderated and generally will be posted if they are on-topic and not abusive.
For more information, please see our Comments FAQ
what is its solution to be saved from these criminals ?
For those who are saying it can not happen, well, it happened to me courtesy of Warid. SIM was hijacked, Facebook account, Facebook business pages, everything was taken over.
Heres the entire story: http://www.koolmuzone.pk/2013/04/heres-how-we-got-hacked-thanks-to-warid-telecom/
Here's a possible solution: any and all SIMs that are released by any telecom company, must be flagged so that the exact office/retail location is identifiable. Such measures must be put in place which would make it absolutely essential for this information to be required before a SIM can be issued. This way, if any illegal SIMs are issued, at least the affectee can go back to the source of the problem and hold the person who issued the illegal SIM, responsible for the losses.
The article sounds quite convincing, not that the fact of cyber-crime in Pakistan is imperceptible, just increases the already sexed-up insecurity that you feel in your daily life.
Online financial frauds have become quite obvious now a days. The hackers get your online account information through phishing / intruding in emails and siphon out hundred of thousands.Low technical knowledge of account holders along with greed for prizes have provided extra facility to these hackers.
Adding up , this piece is more towards justifying whatever solution he might have or sell to you. Its mere marketing , no need to destroy your sims and issue new ones nor change your pw although that's something you should monthly or weekly do.
The only caution is to avoid using fb and other social media and move on in the real world . Stats show fb becoming unpopular amongst teens and once teens disown in things fade away eg my space.
Buy ps4 or Xbox one and make gaming friends , CEOs are welcome. Happy gaming.
Guys who read this need not to worry. Nothing like that happened and fb hacking is in Pakistan is just a myth. Never were your numbers used and comments here can vouch for that. Not saying it impossible , just that it doesn't happen here at all.
also, u don't know which list of female numbers he's talking about , prank calls are due to data sold to marketing agencies. It has nothing to do with gender. I wonder how the writer runs a software company...khair no wonder its based in Dubai. Well having lived there I can safely say we are safer than anyone in the online world except being on the top of NSA prism program. Contrary to the writer that is the most you have and should be worried about.
Hmmm. Awakening
@:::Slogan of the website that 'everything sells here',is not 'might be literal',it IS literal.Those who think otherwise,are living in a fool's paradise
ya i am da supar dooper hackar ya. I can hacks anythings I am first in class from gornment college