Unraveling the threads: the secret behind the article "Experiencing online fraud: how did the Internet leave me without a penny?"


When reprinting, please cite the source: http://www.cnblogs.com/phoenix--/p/5381482.html

Yesterday an article appeared online, "Record | Experiencing online fraud: how did the Internet leave me without a penny?": http://mp.weixin.qq.com/s?__biz=MzA5MTMyMjE4Mw==&mid=2652308001&idx=1&sn=811491a6372577b33fad477f7dbe39d0&scene=23&srcid=0411coxy4vbtrjg0zhkt5f5p#rd

In fact, there was a similar case last year: http://bbs.tianya.cn/post-no110-15223504-1.shtml

The article is long, so below I extract and analyze the key points. The scammer's points of breakthrough were:

1. The author was maliciously subscribed to a "mobile newspaper" package, which drew him into the scam.

2. A search engine turns up the Beijing Mobile "bcc Finance half a year package": http://service.bj.10086.cn/poffice/package/showpackagesjyd.action?from=bj&PACKAGECODE=TZLC&isCheck=1. As you can see, subscribing through the normal process requires the user to log in (with a service password or a random password). From the context, the author later received a genuine, valid 6-digit USIM card verification code, from which it can be inferred that the mobile newspaper subscription really did take place. The author certainly did not perform it himself. This first rules out a fake base station (a fake base station keeps interfering with the normal signal, so the later SMS verification code could not be received and the fraud would be hampered), and leaves the following possibilities:

1) The author's mobile service password was leaked, so the scammer subscribed to the package in the online service hall under a forged identity. (I have no Beijing Mobile number, so I cannot confirm whether the subsequent operation also requires an SMS verification code.)

2) The author's phone was infected with a Trojan, and the SMS verification code required for the subscription was intercepted.

3) A security vulnerability exists in the Beijing Mobile online service hall, allowing authentication bypass or an unauthorized subscription.

(Why did the scammer choose the "bcc Finance half a year package"? My guess is that among the few categories of mobile newspaper its cost is the highest; the others are all below ten yuan, and too low a cost cannot trigger a service suspension.)

3. After the subscription was complete, the scammer performed another sensitive operation (the key operation that led to the loss of control of the SIM card; the specific function is unknown), which triggered a verification text message that the author received.

4. At this point, the scammer quickly sent an SMS notification that accepts a reply (uplink), tricking the author into replying with a "check code" (in fact, what the scammer wanted was the SMS verification code the author received in Step 3).

Note: It is said (not verified) that text messages from 106581390 followed by a mobile phone number are sent through China Mobile's 139 Email, and are in fact ordinary text messages between contacts.

Reference 1: http://www.miui.com/thread-2264118-1-1.html

Reference 2: https://bbs.taobao.com/catalog/thread/154504-262473760.htm

5. The author did not notice anything wrong and fell into the scammer's trap: he really did send the SMS verification code over. With it, the scammer used the sensitive operation from Step 3 to obtain ownership of the author's SIM card.

6. About half an hour passed (during which the scammer was quietly replacing the SIM card!), the card swap succeeded, and the original poster's tragedy began.

Looking back at Step 2 and Step 5, we can see that the scammer needed the victim to provide the SMS verification code. That rules out the possibility raised in Step 2 that the victim's phone carried a Trojan (if it had, there would have been no need to make the victim send the code). Only 2 possibilities remain:

1) The scammer already had the victim's SIM card service password, but the key operation in Step 3 additionally required an SMS verification code;

2) The scammer did not have the victim's SIM card service password and subscribed to the mobile newspaper package without authorization through a security vulnerability in the online service hall; the key operation in Step 3 then required an SMS verification code.

Now the question is what exactly the SMS verification code in Step 3 was for:

First, find out what is required to replace a SIM card. According to the introduction on the Beijing Mobile official website (http://www.bj.10086.cn/support/brand/easyown/profile/rmjbk/): the card replacement can be handled at a Beijing Mobile service hall with the customer's valid identity document and customer service password (if the password has been changed, the changed password is needed).

1) ID card. Producing a fake ID requires a name and an ID number. For scammers, buying a name plus ID number is not a problem, and producing the card presents no technical barrier either.

Related information and cases:

http://news.sina.com.cn/o/2016-03-17/doc-ifxqnnkr9347165.shtml (Key content: the suspect spent yuan in a QQ group to buy a full set of Ms. Tang's information: name, ID number, mobile phone number, bank card number, online banking login account, password, and online banking payment password.)

https://www.google.com/#q=%e5%8a%9e%e5%81%87%e7%9a%84%e5%b8%a6%e7%a3%81%e7%9a%84%e8%ba%ab%e4%bb%bd%e8%af%81

http://finance.caijing.com.cn/20150820/3951274.shtml

http://bjcb.morningpost.com.cn/html/2014-09/04/content_308240.htm

http://gd.qq.com/a/20131114/005323.htm

2) Customer service password

If the scammer already had the customer service password, there would be no need to ask for the SMS verification code in Step 3.

But the operation above still requires going to a service hall in person, which is easy to expose.

In addition, the reference http://mt.sohu.com/20160104/n433432997.shtml shows that Beijing Mobile provides a self-service card replacement service that needs two confirmations, which is most likely what the SMS verification code in Step 3 was for. Scammers can naturally get blank SIM cards from other channels.

See the second case mentioned at the beginning: http://bbs.tianya.cn/post-no110-15223504-1.shtml, and refer to the change in Beijing Mobile's SMS safe box function:

Comparing the 2 cases, we can see that because the scammer could no longer obtain service-type SMS verification codes from the SMS safe box, the victim had to submit the SMS verification code himself, so the scammer used unsubscribing from the junk service as bait to induce the user to submit it.

At this point, it is likely that the scammer used a blank SIM card to copy the victim's SIM card, thereby gaining control of the card.

The vast majority of online businesses now treat the mobile phone as a trusted device, through which passwords can be retrieved and accounts controlled. As a result, once fraudsters gain control of the SIM card, they can gradually take over all kinds of key website accounts: payment accounts and virtual property accounts.

How to prevent and deal with it:

1. Scammers used to take a name and ID number, forge an ID card, and even dare to go to the bank to have a bank card reissued. There are many such cases online. But that is a high-risk operation and easy to expose, so they now commit the crime by replacing or copying the SIM card instead. The first thing is therefore to avoid leaking your ID card number and mobile phone number, and especially leaking both at the same time. Do not hand them over for all kinds of small gifts and small discounts. Personal information is far more valuable than you think!

2. Keep your mobile service password safe. SMS verification codes from every kind of account notification must also be guarded carefully. Do not send them by text message to anyone, and confirm what triggered a verification code as soon as possible so that anomalies are detected in time.

3. If something abnormal happens, such as the phone having no service for a long time or unusual movement of funds, immediately contact the relevant operator, bank, or website through other channels and freeze the bank cards or accounts. If a large amount of money is involved, you can also contact the police directly. Be sure not to panic and start transferring money between your own accounts and bank cards.
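
The chain in Steps 3 to 5 (a genuine verification code arrives, a second sender asks for it, the victim replies with it) and the advice in point 2 can be expressed as a check over a phone's SMS timeline. The Python below is an added example, not part of the original article; the sender names, message texts, lure wording and 30-minute window are constructed assumptions.

```python
import re
from dataclasses import dataclass

@dataclass
class Sms:
    ts: int         # seconds since the start of the timeline
    direction: str  # "in" (received) or "out" (sent by the phone's owner)
    peer: str       # sender for "in", recipient for "out"
    body: str

CODE_RE = re.compile(r"(?<!\d)\d{6}(?!\d)")         # a standalone 6-digit code
LURE_RE = re.compile(r"\breply\b.*\bcode\b", re.I)  # assumed lure wording
WINDOW = 30 * 60                                    # assumed: seconds a code stays live

def scan(timeline):
    """Return (kind, ts, peer, code) alerts for lure and relay events."""
    live = {}    # code -> (time received, sender that delivered it)
    alerts = []
    for m in sorted(timeline, key=lambda m: m.ts):
        fresh = {c: s for c, (t, s) in live.items() if m.ts - t <= WINDOW}
        codes = CODE_RE.findall(m.body)
        if m.direction == "in" and codes:
            for c in codes:
                live[c] = (m.ts, m.peer)
        elif m.direction == "in":
            # Asks for a code while one is live, but did not issue it.
            if LURE_RE.search(m.body) and fresh and m.peer not in fresh.values():
                alerts.append(("lure", m.ts, m.peer, None))
        else:
            for c in codes:
                # Outgoing text carries a live code to someone who did not send it.
                if c in fresh and fresh[c] != m.peer:
                    alerts.append(("relay", m.ts, m.peer, c))
    return alerts

# Constructed timeline mirroring Steps 3 to 5; senders and texts are made up.
SAMPLE = [
    Sms(0,    "in",  "operator", "You have subscribed to a mobile newspaper package."),
    Sms(600,  "in",  "operator", "Your verification code is 482913. Do not share it."),
    Sms(660,  "in",  "sender-x", "To unsubscribe, reply with the check code you received."),
    Sms(720,  "out", "sender-x", "482913"),
    Sms(5000, "in",  "bank",     "Login code 111222"),
    Sms(5060, "out", "bank",     "111222"),
    Sms(9000, "out", "friend",   "my old code was 482913"),
]

if __name__ == "__main__":
    for alert in scan(SAMPLE):
        print(alert)
```

A reply to the same sender that issued the code, or a code older than the window, produces no alert; only the request from an unrelated sender and the reply that carries the live code to it are flagged.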
