Man-in-the-middle and social engineering attacks

We group these two types of attacks because they both involve an adversary actively interposing themselves into communication or interaction (e.g., between a user and device or MNO, or a communication interposition between parties)

Affected entity: Mobile User

Risk: Data exposure and modification

  • Vulnerability: Use of unverified and unsigned applications (SD: privacy, data integrity)

  • Vulnerability: Spamming such as unsolicited SMS messages, in-app advertisements, or e-mails (SD: data integrity)

  • Vulnerability: Insufficiently protected credentials (SD: access control)

Affected entity: MNO

Risk: Unauthorized access to user data

  • Vulnerability: Weak over-the-air encryption (SD: communication security)

Risk: User impersonation

  • Vulnerability: Failure to force Calling Line Identification & filtering (SD: communication security)

Risk: User account takeover

  • Vulnerability: Inadequate account configuration and authorisation controls (SD: authentication)

Affected entity: Third-Party Providers

Risk: Third party exposure of sensitive information

  • Vulnerability: Weak encryption algorithms used on data stored in the device and data transmitted (SD: privacy)

  • Vulnerability: Lack of encryption of communications (SD: communication security

  • Vulnerability: Handling & management of certificate or key materials (SD: access control)

Risk: Identity theft

  • Vulnerability: DFS Provider or MNO system failure leading to agents/third parties reverting to offline processes (SD: availability)

PreviousInsider AttacksNextCompromise of DFS Infrastructure

Last updated