Skip to main content
Forum FAQ's
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

EE serious security hole

Pixel-is-a-scam
Contributor
Contributor

‎03-04-2023 06:11 PM

 
0 Helpful
8 REPLIES 8
Pixel-is-a-scam
Contributor
Contributor

‎03-04-2023 06:14 PM

When I call EE, from my phone, they send a pass code to me by SMS. This seems ridiculous. If I'm calling them from my phone they know for certain that I have access to the phone. How do they think sending a pass code by text, to the phone they are already certain I have access to, is adding any level of security? 

Whenever I put this to them they can't seem to comprehend the futility of what they're doing. 

Anyone able to explain how it's secure? EE can't. 

bristolian
EE Community Star
EE Community Star

‎03-04-2023 09:58 PM

Caller-ID is not 100% flawless, and an OTP seems a sensible way to be 100% certain, at little-to-no inconvenience to a genuine caller.

No security system is introduced without a valid basis.

Pixel-is-a-scam
Contributor
Contributor

‎04-04-2023 10:52 AM

Obviously it would help prevent fraud by number spoofing. That's not my point. I'd prefer they actually ask some security questions. As I said, the text doesn't offer any security for my personal data or account.

0 Helpful
Chris_B
EE Community Star
EE Community Star
In response to Pixel-is-a-scam

‎04-04-2023 01:43 PM

@Pixel-is-a-scam   But that text is sent to your number and not a caller who might of spoofed your number.      Only your number gets that’s text.   That’s 2FA right there. 

To contact EE Customer Services dial 150 From your EE mobile or 0800 956 6000 from any other phone.
Pixel-is-a-scam
Contributor
Contributor
In response to Chris_B

‎04-04-2023 08:38 PM

It's not 2FA. It only guards against number spoofing.

Because it replaces all other security measures if someone has my phone, or sim, they can do what they like with the account because they just call 150, receive the text, and proceed unchallenged.

 

0 Helpful
354-
Star Contributor
Star Contributor
In response to Pixel-is-a-scam

‎07-04-2023 03:00 PM

I had a brief look at EE's help portal section in security, nothing about pass codes, or any "pinned" topics on the community forums for pass code. 

0 Helpful
Chris_B
EE Community Star
EE Community Star
In response to Pixel-is-a-scam

‎07-04-2023 03:04 PM

@Pixel-is-a-scam   Then have a pass code on your device nothing that’s easy to guess.
Use a sim pin on the SIM card so if it’s removed from your device is then needs that code to unlock it to use it and any apps that have a password to open then use it.     

To contact EE Customer Services dial 150 From your EE mobile or 0800 956 6000 from any other phone.
0 Helpful
Pixel-is-a-scam
Contributor
Contributor
In response to Chris_B

‎07-04-2023 03:16 PM

I called EE from my mate's phone yesterday and was able to add a line to his account. When the poop connects to the spinney thing I'll just remind EE that they told me repeatedly that they believe their approach is secure. 

0 Helpful