Wednesday, June 5, 2013

Vulnerable Mexican cellphone carriers

Time ago i wrote an article in spanish how to login to BAM Portal of Iusacell (Mexican Carrier) identifying yourself as anybody and activating service for any number. Also it allows you to get invoice and some personal information of the user

Accident: Three weeks ago someone reported my line as stolen. How it could be? is so strange and than i understood. Each carrier over here has a toll free phone line. If you dial it from any landline the system will ask your phone number, so you can press buttons and you'll get full access to automated menu. There's no authentication at all. You can check plan, balance, report stolen line, activate services on behalf of other person. That sound terrible for me. There's no privacy at all.

Research: After personal research i saw that toll free lines are nothing to see with other vulnerables they have. First of all they do not care at all about customer privacy. Each carrier has at least 2 or 3 web services where you can easily get line owner information (including his billing address), his balance, calls history, payments history and even his location in real time.

Conclusion: Almost no way to control your expenses, anyone can get your sensitive information and no care about that.

Affected carriers: All GSM / CDMA Mexico.

No comments:

Post a Comment