The experiment – How much superficiality is there in granting one’s contact
An interesting experiment by the New York Times has highlighted the high risks that are run every day, easily sharing their mobile number. The smartphone is now an extension of our body, it is carried around at all times: from the trip out of town to the workplace, in some cases even from one room to another in your home.
Precisely his being such a close and intimate tool for a person, giving his contacts superficially should not be such a used practice. Instead, we often leave the number for all kinds of things, from online forms for the use of specific services or apps to the possibility of obtaining discounts in different commercial activities. One never wonders what the consequences are, but the New York Times journalist, Brian X. Chen, wanted to shed light on the risks of easy sharing. He asked for help from Flyde, a company that operates in the field of mobile security in Palo Alto, California. A researcher, Emre Tezisci, immediately accepted Chen’s proposal with enthusiasm and, once he got his mobile number, he set about to find out as much information as possible about the owner.
The experiment – How the hacker could act Speaking of relatives
Once you know the name and surname of those closest to you, how could a hacker use this kind of information? Trying to reset the password of any online account: if the security question set was “What is your mother’s noble name?”, The scammer would have a simple life.
In the same way he would be able to respond easily if a previous address of his home were requested. Another example? In the event that the hacker also had control of the telephone contact, he would be able to manage any online access if two-factor authentication was set, which requires the receipt of a security code per message. Furthermore, having control of the number, he could defraud the family members in order to have money or a password sent to them. Remaining, instead, in the legal sphere, leaving one’s mobile number superficially, finally, exposes the person to customized advertising campaigns: the marketing agencies, in fact, would have even clearer the profile to be traced.
The experiment – suggestions
It is not completely demonizing this practice, because leaving your mobile number in certain cases is essential. Think, for example, of your bank: in the presence of suspicious payments it is able to inform the user of what happened.
Obviously there is no manual that tells which companies to trust, but it will be up to the good sense of the person to choose who to give such important information to. As such, Simon Thorpe, of Twilio, a communications company that works with telephone operators in the fight against robo-calls, has defined “the telephone number as a more identifiable element than the name”. Ultimately there are no real solutions, but there are still some small steps that can be taken. For example, if you are unsure of the reliability of a company or service, it may be wise to leave a secondary telephone number, to which too much personal information is not connected. With regard to two-factor authentication, your mobile number is not so fundamental: many companies offer physical support to verify their identity, through so-called keys or tokens; alternatively the companies themselves communicate the security code via app authenticator.