A phone-based attack, also known as a SIM-swap or phone porting attack, involves an attacker gaining control of a victim’s mobile phone number by transferring it to a device they control.
This is often carried out through identity theft or social engineering tactics targeting mobile network customer support representatives.
Any account that uses SMS-based two-step verification or allows phone-based account recovery is potentially vulnerable to this type of attack.
🔐 How to Protect Your Kauri.Finance Account
To reduce the risk of a phone-based attack, it is strongly recommended that you use a stronger form of two-step verification, such as:
-
Two-Factor Authentication (2FA) with a security key
-
A Time-Based One-Time Password (TOTP) using a mobile authenticator app like
Duo Mobile or Google Authenticator
These methods are significantly more secure than SMS-based verification.