The scam, known as "SIM swapping," involves fraudsters moving or "porting" phone numbers to a new device and then gaining access to personal information through apps and other data. Researchers at Princeton University's Center for Information Technology detailed the many ways that SMS two-factor authentication can go wrong, including multiple failings on the part of carriers to vet SIM-swap requests. (WIRED)
Here is an expert from McGill University that can provide comment on this issue:
Benjamin Fung, Associate Professor, School of Information Studies
“Web service providers should use authenticator apps for two-factor authentication, instead of relying on telephone numbers for identity verifications.”
Benjamin Fung is an Associate Professor in the School of Information Studies and is a Canada Research Chair in Data Mining for Cybersecurity. He has over 90 refereed publications that span the research areas of data mining, privacy protection, cyberforensics, services computing, and building engineering.
ben.fung [at] mcgill.ca (English)