Here's an aspect of cell phone theft that I didn't realize was a thing.  I always chalked it up as one of those hypothetical horror stories.  But apparently, it's happening with some regularity in New York.

 

A "tech guy" would then allegedly hack the stolen phones, access banking and financial apps and drain the accounts, police said. If they ran dry or the owners placed a lock on their money, the stolen phones would then be sent around the country or to Colombia to be reprogrammed and sold.

 

Got me to thinking how much harm a nefarious actor could do me if they stole my phone.  So I'll be pondering some steps to take to wipe non-essential account info from my phone.  (In addition to using cheap phones, which I previously thought shielded me from big losses if someone steals one from me.)

 

https://www.foxnews.com/us/illegal-masterminds-nyc-robbery-ring-hacked-bank-apps-resold-stolen-phones-overseas

 

NYC has fallen. RIP.

The boomers are going to love this one... but they'll also be right, this is a concern...   

 

Theoretically, If the wrong passcode goes in my phone (10x) it will wipe it.

If my phone is lost, I an wipe it remotely - but only IF it has an internet connection (for that 'wipe' command to be sent).

 

Also, two tier and facial (only) authentication stops a lot of potential issues.

 

I used to have a coupe of phones - one for the girls I was serious about, another for the girls I was playing with.

I'm now considering two phones again - one for serious use (banking etc), another for regular use (out and about - where there is a higher risk of loss).

3 minutes ago, richard_smith237 said:

I used to have a coupe of phones - one for the girls I was serious about, another for the girls I was playing with.

I'm now considering two phones again - one for serious use (banking etc), another for regular use (out and about - where there is a higher risk of loss).

 

Good info, and that's really what I was hoping to focus on here. 

 

I stuck this down in the pub because of the NYC aspect and the immigration aspects of the story, which will be controversial.

 

But for me, the takeaway is that people a lot more tech savvy than I am may have some pointers...  TBH, I don't know what a tech savvy bad guy can do to get around security measures, and how quickly.  And I don't have a backup phone that would allow me to cancel my accounts faster than I can get back to the hotel room and do it on my laptop.  Nor had I even considered that urgent.  Now, I do.

 

 

 

14 minutes ago, richard_smith237 said:

The boomers are going to love this one... but they'll also be right, this is a concern...   

 

Theoretically, If the wrong passcode goes in my phone (10x) it will wipe it.

If my phone is lost, I an wipe it remotely - but only IF it has an internet connection (for that 'wipe' command to be sent).

 

Also, two tier and facial (only) authentication stops a lot of potential issues.

 

I used to have a coupe of phones - one for the girls I was serious about, another for the girls I was playing with.

I'm now considering two phones again - one for serious use (banking etc), another for regular use (out and about - where there is a higher risk of loss).

Facial isn't even secure as in the past since AI programs have improved. They can clone your image and your voice easily enough to bypass those security features

16 minutes ago, Dan O said:

Facial isn't even secure as in the past since AI programs have improved. They can clone your image and your voice easily enough to bypass those security features

 

Valid point...   and the two factor authentication may not be so great as where does it authenticate to ???

 

Authenticator app on our phones !!! 

 

 

The only answers I have for this are 'don't loose your phone' but of course, we know that happens..... so at the very best, do not be complacent with your phone... its a lot more valuable to you than the phone itself is worth.

 

 

So, the two phone solution is an option... and only carry the low-risk phone when socialising etc or in slightly higher risk (of loss) situations... 

 

The issue of course, is... mutlple phones.

I already have two phones.

- My phone (that has everything on it)

- Work Phone (that has 'work only stuff - thats either at work or at home, I never take it out)

 

So, I'd need a 3rd Phone... and use my primary phone for all communications and daily life etc...  and perhaps one banking app with a lower limit (for convenience of daily use)... and have the Banking apps, and e-mails, authenticators etc... 

 

A lot of hassle...   

 

 

 

 

Do what ever you think to protect it, but a true hacker can get into your phone and get about everything.  So, bottom line don't lose it.  Or, if you do hopefully it will be in a Thai taxi.

Maybe my unwillingness to use my phone for business is grounded after all. 

First, someone has to get my phone. And then he must be a real bad guy and a good hacker or know a good hacker. How likely is that?

Personally, I have my phone in my pocket or my hand. I never leave it somewhere on a bar or anything like that.

Who will rob my phone out of my pocket?

Not impossible, but the chance is very low. And then the chance that is it a sophisticated hacker is very low.

So, at least IMHO, this is no problem to worry about.

 

11 minutes ago, OneMoreFarang said:

Who will rob my phone out of my pocket?

 

You would be surprised how many phones get stolen out of someone' pocket without him realising it.

 

Happened to me, and I know several others.

 

13 minutes ago, OneMoreFarang said:

And then the chance that is it a sophisticated hacker is very low

 

And how about when it is stolen on purpose, or on order by professional hackers?

Governments are pushing peasants towards digitalization.

That day, It will be more funny than the roller-coaster. 

There is a reason why my mobile phone  is only used to make calls and send sms messages !

Heard about someone who had their phone snatched out of their hand while they were using it , so the thief kept it unlocked and managed to change the facial recognition settings so they were able to log into the victim`s bank account and clean it out . That`s why I will never do banking on my phone . 

24 minutes ago, BenStark said:

So come on tell us, which soi you picked up your hi-so wife? Was it soi 4 or soi 7? Forgive it was soi 3

 

1 hour ago, OneMoreFarang said:

First, someone has to get my phone. And then he must be a real bad guy and a good hacker or know a good hacker. How likely is that?

Personally, I have my phone in my pocket or my hand. I never leave it somewhere on a bar or anything like that.

Who will rob my phone out of my pocket?

Not impossible, but the chance is very low. And then the chance that is it a sophisticated hacker is very low.

So, at least IMHO, this is no problem to worry about.

 

Agreed... I think many of us are banking on the likelihood of a 'lost phone' getting into the hands of an advaned hacker before we can wipe it to be extremely slim.

 

Then of course there is 'vigilance'... I too never leave my phone out of the surface (in a busy area and never leave my phone unattended).

 

There is still a risk of loss etc (i.e. if properly pished up and it slips out of my pocket in a taxi - but that has never happened).

 

For Iphone users, you can either lock your phone if lost or wipe it clean if stolen, using icloud.com

I don't know about android phones.

2 hours ago, BenStark said:

And how about when it is stolen on purpose, or on order by professional hackers?

That could be an issue.

But if you are on that level that professional hackers really target you, then I guess you should have enough security in place that you can't get easily hacked.

2 minutes ago, OneMoreFarang said:

That could be an issue.

But if you are on that level that professional hackers really target you, then I guess you should have enough security in place that you can't get easily hacked.

 

I think you missed my point. Most people have bank apps on their phone these days, so everyone is a target

17 minutes ago, BenStark said:

I think you missed my point. Most people have bank apps on their phone these days, so everyone is a target

My bank apps need my fingerprint. I guess that is standard for all of them.

So, they need not only my phone but also the (correct) finger.

Maybe I am mistaken, but as far as I know it is not easy to hack the fingerprint sensor without having a fingerprint from that person.

5 hours ago, richard_smith237 said:

The boomers are going to love this one... but they'll also be right, this is a concern...   

 

Theoretically, If the wrong passcode goes in my phone (10x) it will wipe it.

If my phone is lost, I an wipe it remotely - but only IF it has an internet connection (for that 'wipe' command to be sent).

 

Also, two tier and facial (only) authentication stops a lot of potential issues.

 

I used to have a coupe of phones - one for the girls I was serious about, another for the girls I was playing with.

I'm now considering two phones again - one for serious use (banking etc), another for regular use (out and about - where there is a higher risk of loss).

Good idea. I have a lot of funds on crypto apps on my phone. 

30 minutes ago, BenStark said:

 

I think you missed my point. Most people have bank apps on their phone these days, so everyone is a target

 

How?

 

Click on my bank app and it asks for 3 digits of my password to log in. Please explain how that bit is bypassed.

 

1 minute ago, noobexpat said:

 

How?

 

Click on my bank app and it asks for 3 digits of my password to log in. Please explain how that bit is bypassed.

 

 

That is why they are called hackers 🙂

3 minutes ago, BenStark said:

 

That is why they are called hackers 🙂

 

A quick google search says ...well not really...

 

https://www.dashlane.com/blog/common-ways-hackers-steal-passwords

 

The brute force attack can't work and thats the only one thats possible. 

1 minute ago, noobexpat said:

 

A quick google search says ...well not really...

 

https://www.dashlane.com/blog/common-ways-hackers-steal-passwords

 

The brute force attack can't work and thats the only one thats possible. 

 

Yes that is the common way. Look up the definition of common.

 

How about the article in the OP, you think that is a lie?

13 minutes ago, Neeranam said:

Good idea. I have a lot of funds on crypto apps on my phone. 

 

50 bucks of doge coin ...keep it safe! 

2 minutes ago, BenStark said:

 

Yes that is the common way. Look up the definition of common.

 

How about the article in the OP, you think that is a lie?

 

I don't know about USA banking apps. Maybe the app software had already been hacked, allowing them access. They just needed to get lucky and steal a phone with the right bank.

 

3 minutes ago, noobexpat said:

 

I don't know about USA banking apps. Maybe the app software had already been hacked, allowing them access. They just needed to get lucky and steal a phone with the right bank.

 

 

From the article

 

Parra would allegedly send out a notice for specific models of phones he wanted,

 

A "tech guy" would then allegedly hack the stolen phones, access banking and financial apps and drain the accounts, police said. If they ran dry or the owners placed a lock on their money, the stolen phones would then be sent around the country or to Colombia to be reprogrammed and sold.

 

So nothing to do with the apps. He knew which phones he could hack and which not

6 minutes ago, BenStark said:

 

From the article

 

Parra would allegedly send out a notice for specific models of phones he wanted,

 

A "tech guy" would then allegedly hack the stolen phones, access banking and financial apps and drain the accounts, police said. If they ran dry or the owners placed a lock on their money, the stolen phones would then be sent around the country or to Colombia to be reprogrammed and sold.

 

So nothing to do with the apps. He knew which phones he could hack and which not

 

He wanted the specific phones because he could reprogram those ones and resell ...because that was probably 99% of the phones they stole. The 1% had the right bank app he was after.

 

I think that narrative fits better than some master app cracker for every bank in the USA.

4 hours ago, bbko said:

For Iphone users, you can either lock your phone if lost or wipe it clean if stolen, using icloud.com

I don't know about android phones.

"' Prey" app  can even wipe-out phone from distance if lost or stolen

 

https://www.google.be/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiKiYjeppeEAxWFX_EDHWcMANAQFnoECCgQAQ&url=https%3A%2F%2Fpreyproject.com%2Fdownload&usg=AOvVaw3N3XkDiamKTozhg8zjED5I&opi=89978449

7 hours ago, EVENKEEL said:

Maybe my unwillingness to use my phone for business is grounded after all. 

It is.