I'm noticing a concerning trend where service providers are relying more and more on SMS verification codes for identity confirmation and administrative actions. It seems we've forgotten the risks of SIM-swapping and other phone-based attacks.