1.4.3 Why does CoinFLEX not support SMS for 2FA log in

This is due to the danger of a mobile take over attack. This kind of attack involves a hacker contacting a victim’s phone operator and convincing a call centre agent to transfer the victim’s phone number over to another, hacker controlled, SIM card. From there, the hacker arranges to reset the victim’s email using the SMS recovery option on their email account by which point the hacker often has all the information they need to access the vast majority of the victim’s online accounts.

To prevent this, we recommend that you do not in any way enable the use of your phone number to recover access to your email address or vice versa.

The other questions in this section (Security) provide a short summary of useful steps you can take to secure your email, mobile phone and phone number if you are not already doing so.

Contents