Fergal Parkinson
Published on: March 21, 2023
At TMT there are a number of reasons why we’re excited about our new service TMT Authenticate, our new frictionless silent authentication service, partly because we believe that it represents the mobile ecosystem getting back on the front-foot in the fight against fraud.
However, some interesting intelligence this week from Microsoft illustrates very efficiently why things need to move forward.
Microsoft’s threat intelligence team have been monitoring the activities of a group they call DEV-1101 and who have started to sell a ready-to-go Phishing kit, which amongst other things allows fraudsters to bypass the very security mechanism designed to protect users, such as SMS One-Time Password (OTP).
Put simply, the kit includes a range of standard templates to mimic things such as Microsoft Outlook, but the really interesting thing is that it uses AI ‘bots’ to sit in the middle of the authentication process, circumventing existing 2-factor authentication (2FA).
When the victim falls for a Phishing email and ‘clicks the link’ they are taken to a web page that looks and feels like the real login page of their favourite brand, but is obviously there to harvest their login data. The AI will gather these credentials and in parallel open a login session with the real site. When the real site sends their request for a 2-factor authentication such as a one-time password, the bot will mirror that on the fake site, so the user inputs the correct code into the fake site, and the bot in turn then quickly transfers it to the real login attempt being perpetrated by the fraudster.
Microsoft say this kit was first advertised online almost a year ago, and sells for as little as $300 for the standard version and $1000 for the deluxe version.
Whilst the above is not doing anything we haven’t seen before it is of course substantially lowering the fraudsters barrier to entry and is expected to herald a massive increase in this type of crime, circumventing a OTP which let’s face it is the most common form of 2-factor authentication out there and still in use by the majority of online brands.
Why this is relevant to TMT Authenticate is also pretty simple, because it works directly in conjunction with the Mobile Network Operators who are authenticating the device from encrypted data held on the SIM card, it does not require a user to enter any credentials, so there is nothing to share with any bad guys.
Furthermore, the communication flow does not just involve the device, because the authentication messaging goes directly between the operator, TMT Analysis and the website you are trying to access, not the handset. Therefore, it’s never going to be susceptible to these kinds of so-called Man-in-the-middle attacks because there is nothing to intercept.
Last updated on September 18, 2024
"Phone number verification plays a critical role in helping to detect and prevent online fraud. TMT ID’s TeleShield product provides easy access to global mobile data, enabling us to enhance the actionable results of our MaxMind minFraud® services."
"BTS (Business Telecommunications Services) is successfully using TMT’s Velocity and Live services to check the status of mobile numbers. This way we make sure we optimize the performance of the service offered to our customers and ensure the quality of terminating traffic to all countries.”
"Working with TMT’s TeleShield service has expanded our ability to detect fraud and minimise the risk to our business. TeleShield brings peace of mind and the opportunity to stop fraud before it affects our customers’ bottom line or the service."
"LATRO relies on TMT’s TeleShield to provide the most up to date and reliable numbering qualification information within our fraud reporting tools, enabling us to protect our customer’s revenues and empowering them to defend themselves against fraudulent numbers."
"TMT is a valued partner that enables us to manage our routing costs effectively. They proactively and continuously expand their operator and country coverage while delivering exceptional customer service. We can always count on them to achieve high-quality results and look forward to our continued collaboration."
"TMT provides us with the most comprehensive numbering intelligence data through their fast and reliable Velocity and Live services. TMT is a trusted partner for us, their products ensure that we continue to optimise the best performance and service to our customers."
"TeleShield from TMT gives 42com the power to detect and target telephony fraud scams internationally, thereby protecting our company from the financial and customer experience impacts of telecommunications fraud."
"It has been a pleasure to work with the team at TMT. They have become an essential provider of accurate numbering data information and Number Portability services globally."
"Deutsche Telekom Global Carrier uses TMT ID as one of their key suppliers for Mobile Number Portability Data services. Deutsche Telekom Global Carrier uses TMT ID’s Velocity MNP solution. This is an ultra-fast query service that optimises the routing of international voice calls and A2P messaging."
We provide the most comprehensive device, network and mobile numbering data available
Contact us > Chat to an expert >
