Conversation

It’s well known that number recycling is a nuisance, but we studied whether an adversary—even a relatively unskilled one—can exploit it to invade privacy and security. We present 8 attacks affecting both new and previous owners. We estimate that millions of people are affected.
2
8
Unfortunately, carriers imposed few restrictions on the adversary’s ability to browse available numbers and acquire vulnerable ones. After we disclosed the issue to them a few months ago, Verizon and T-mobile improved their documentation but have not made the attack harder.
But the biggest threat isn't from opportunistic adversaries but from attackers that specifically seek out recycled numbers. For example, if someone changes their number to escape a harasser, *the harasser can obtain the number* to impersonate the victim, causing even more damage.
1
22