all InfoSec news
Bank of America is using phone numbers from 3rd party databases that they guess are linked to you to authenticate and verify users when you call support. Major vulnerability, why isn’t this a big story?
Feb. 18, 2024, 3:38 a.m. | /u/RevolutionaryJob6784
cybersecurity www.reddit.com
1. I recently called Bank of America’s credit card fraud department.
2. To verify my account, they said they needed to text me a code, and they listed off a couple of phone numbers that I had never heard of before.
3. After verifying with my real number, I asked them how those numbers got added to my account because I’m not familiar with them and I never added them.
4. They told me these numbers …
account america authenticate bank bank of america big call called card card fraud credit credit card credit card fraud cybersecurity databases department fraud isn major numbers party phone phone numbers story support verify vulnerability
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
EY- GDS- Cybersecurity- Staff
@ EY | Miguel Hidalgo, MX, 11520
Staff Security Operations Engineer
@ Workiva | Ames
Public Relations Senior Account Executive (B2B Tech/Cybersecurity/Enterprise)
@ Highwire Public Relations | Los Angeles, CA
Airbus Canada - Responsable Cyber sécurité produit / Product Cyber Security Responsible
@ Airbus | Mirabel
Investigations (OSINT) Manager
@ Logically | India
Security Engineer I, Offensive Security Penetration Testing
@ Amazon.com | US, NY, Virtual Location - New York