Haseeb Awan - efani.com

I've been building Efani for years now. Here are 7 lessons that changed how I think as a founder: I learned most of these the hard way :) 1. Doubts will come. You have to persist anyway. Every founder I know has a voice in their head saying it won't work. The ones still standing refused to obey that voice. 2. Saying no is a superpower. I used to say yes to everything. Every partnership, every opportunity, every distraction dressed up as a chance. Saying no is what finally let @efani grow. Focus is a decision you make a hundred times a day. 3. Hiring the wrong people costs more than money. It costs time, culture, momentum, and energy you can't get back. The wrong hire in an early team doesn't just slow you down It changes the entire atmosphere of what you're building. 4. Patience is a competitive advantage not many folks have. Everyone says they're playing the long game. Very few mean it when it gets hard. 5. The people who believe in you early are everything. First clients. First team members. First believers. I don't take those people lightly. Ever. 6. You can't logic someone into urgency. I used to think better data would convince people. It doesn't. Emotion moves people. Facts support the decision they already made. 7. Protecting people is a privilege, not just a business model. Every client we save from a security risk is a real person with a real life. That responsibility keeps me serious on the days I want to quit. If you're a founder in the early days, the hard part is supposed to feel this hard. Stay in it. What has your journey taught you so far?

$33 million lost in just one SIM swap case in 2025 And the victim had "extra security" on their account. You didn't build what you have by being careless. But there's one thing most people at your level haven't locked down. Your phone number unlocks: . Your email. . Your bank. . Your trades. . Your company. One convincing voice. One bad day at your carrier. Under 10 minutes, and it's gone. The more you've built, the more public your name is, the more attractive you are. Your carrier was built for 300 million people. Not for you specifically. The lock on your front door gets more thought than this. Your number sits exposed, quietly, while everything you've built sits behind it. Most people only think about this after. Are you thinking about it now?

Hacktivists just wiped 200,000 devices. One login. One tool. One catastrophic mistake. Here's what happened to Stryker: . $25B company . 56,000 employees . 79 countries. Brought to its knees in hours. 50TB of data stolen. Employees reverting to pen and paper. The weapon? Microsoft Intune. Not a zero-day. Not sophisticated malware. Just admin access to a mobile device management tool And a remote wipe command sent to every enrolled device. Including personal phones. Because Stryker used 'Bring Your Own Device'. Here's the part nobody's talking about: Those 30,000+ employees didn't lose company data. They lost THEIR data. Photos. Contacts. Banking apps. Personal messages. Gone. Because their employer asked them to enroll their personal phone into corporate Mobile Device Management. This isn't a Microsoft problem. This isn't an Iran problem. This is a corporate security problem. When you enroll personal devices into corporate management tools, you hand attackers a nuclear button, pointed at your employees' lives. The bad guys covered their tracks with 50TB of stolen data. The question is: what are you doing to cover yours?

Kids thought they were catching Pokémon. They may have been helping build one of the largest surveillance operations in history. In 2016, Niantic needed to map streets, buildings, and public spaces at planetary scale. Instead of hiring paid workers, it built a game people were obsessed with playing. The result: > 230 million players. > 30 billion images. > 1 million new scans every week. That data just sold for $3.5 billion. The players got a Pikachu. Niantic got a surveillance empire. Did you catch the Pikachu?

Your phone is your biggest liability. Most people think their bank accounts are secured by passwords. They’re wrong. Your life is secured by a 10-digit number owned by a billion-dollar company that doesn't know you exist. Just ask Bitcoin pioneer Charlie Shrem. He had every protection "Big Telco" offers: . SIM Lock . Number Lock . Account PINs It didn't matter. In the middle of the night, a hacker social-engineered a retail employee. Within minutes, Charlie’s number was ported to a new device. The result? The hacker had the "Master Key" to his entire digital identity. When you control the SIM, you control the 2FA. When you control the 2FA, you control the assets. Charlie didn’t get lucky. He got Efani. While he was sleeping, Efani’s team was "wrestling" control back from the hacker. They didn't just fix the problem; they upgraded the system. The Efani System for 100% Mobile Peace of Mind: 1. 11-Layer Authentication: No more bribed retail clerks. 2. 14-Day Cooling Period: Time is the enemy of a hacker. 3. $5M Insurance: Financial backing for total accountability. The Lesson: Don't wait for a "middle of the night" wake-up call to realize your systems are broken. If you are a founder, executive, or investor: Your phone is either your greatest tool or your single point of failure. Build a moat around your digital life.

Cyberattacks are changing forever in 2026. Generative AI was just the warm-up. Now Agentic AI is making its way in. And most leaders are completely unprepared. Here’s why agentic AI is the ultimate threat multiplier: Generative AI requires a prompt. Agentic AI pursues a goal. If GenAI is a tool, Agentic AI is a relentless employee. It doesn’t just write phishing emails or code malware. It plans, acts, observes, and adapts, completely on its own. How it works: 1. Orchestration: It uses LLMs to reason and build strategies. 2. Execution: It deploys APIs, scanners, and scripts autonomously. 3. Memory & Feedback: It remembers what failed and adjusts its approach in real-time. The scariest part? If you block an Agentic AI attack, it doesn’t give up. It pivots, learns from your defense, and attacks again. It works 24/7 until it achieves its objective or gets completely purged from your system. But you don’t need to panic. You just need a better system. Here are 3 ways to defend your organization today: 1. Upgrade your Identity Controls. Lock down exactly who or what gets access. 2. Don't just look for known malware. Look for unusual access patterns and anomalies. 3. Segment Your Network. Stop the autonomous agent from spreading if it finds a way inside. The gap between attackers and defenders is real. But it can be reduced. Don't wait until you're a victim to build your defense. Ask yourself: How are you preparing your systems for the AI driven threats of 2026?

Bitcoin jumped $1,000 on a lie. Then crashed $2,000 when the truth came out. That lie came from the Securities and Exchange Commission's official X account. But this wasn’t a sophisticated “market genius” move. It was a SIM swap. Here’s what happened: A fraudster targeted the phone number linked to the SEC’s X account. He used a fake ID at an AT&T store. Got a replacement SIM card. Then he bought a new iPhone. Inserted the SIM. Received the SEC account’s password reset codes. Shared them with his co-conspirators. That single move gave the group access to the SEC’s X account. They posted a fake message claiming the SEC had approved Bitcoin ETFs. Bitcoin surged by more than $1,000. Then the SEC recovered the account and announced the post was unauthorized. Bitcoin fell by more than $2,000. All because attackers hijacked a phone number. That’s the scary part. Not every major breach starts with advanced hacking. Sometimes it starts with: . a fake ID . a store employee . a SIM card . a broken recovery process This is what people still underestimate about cybersecurity: Attackers do not always break systems. They manipulate people around the system. And once someone controls the phone number, they can often defeat: . password resets . 2-step verification . account recovery flows The fraudster reportedly made around $50,000 for the SIM swap. Big lesson: If a phone number can move a billion-dollar market, security is not just a tech problem. It is a process problem. And weak processes are expensive. ___ ♻️ Retweet this if you found it interesting.

@SlowLearner18 @efani Yes you can text , call or email us and we will set you up for free !

@haseeb How does an @efani customer get this set up? Call customer service?

We put together a short video explaining one of the newer features we offer at Efani, and it is something we are genuinely excited about. It is called dual eSIM configuration, and it is available to all of our customers at no additional cost. Here is how it works. We set you up with a primary eSIM, for example AT&T, which handles your voice, SMS, and data across the US, Canada, and Mexico. We also set you up with a second eSIM, our global data-only roaming SIM, which connects to nearly 500 carriers worldwide. What does this actually give you? First, real manual control. In 200 plus countries, you can choose which data data network you want to use. Even inside the United States, you can be on AT&T for voice and text while switching your data to T-Mobile or Verizon if you want to. Second, genuine resilience. If a hurricane takes out a tower, or your current network is congested and your speeds drop, you can manually switch to a different carrier and stay connected. That kind of flexibility matters when you are running a business or traveling somewhere critical. Third, security and privacy. Our global data roaming SIM keeps you on LTE and 5G so your data stays encrypted. It is also anonymous, meaning your name is not attached to it. You move through the world as a guest on these networks, which means less data collected about you by carriers. One device, two eSIMs, nearly 500 carriers, better coverage, better privacy, and real control over how you stay connected. youtu.be/ds3we0RQxvo

@ali_moiz @mecolalu @scribemediaco Great read for any founder. Behind every overnight success, there's decade of hard work

3 Startups, 40 Pivots: How to Not F****G Give Up launches TODAY 🚀 labor of love writing this w/@mecolalu and @scribemediaco Story from the book below on how we missed out on investing in OpenAI at a $20B valuation 3 years ago (they're valued at $780B today) 👇

@type_kshitij @Jason What're your favorite LLM ?

@Jason I tried Kimi and GLM on claude code harness for coding , its not even close? When you said you doing Kimi with your mac minis, I wonder how thats worked out 2 weeks in?

This is why we went open source LLMs on local silicon for 90% of jobs Totally imperfect, but we’re not interested in giving any corporation the keys to our business — which might be a silly gesture, but we’re gonna give it a shot

3 hard truths about “secure” messaging apps. We recently broke down WhatsApp vs Telegram vs Signal on our @efani YouTube channel. Here’s the short version: 1. Signal End-to-end encryption by default. Almost zero metadata. Best choice for pure privacy. 2. WhatsApp Strong encryption for message content. But significant metadata collection under Meta. Backups can quietly weaken your security. 3. Telegram No end-to-end encryption by default. You must manually use “Secret Chats.” Security depends heavily on user behavior. But here’s what most people ignore: All three rely on your phone number. If someone successfully SIM swaps you, they can attempt to take over your account, regardless of how strong the encryption is. Encryption protects messages. It does not protect your identity layer. If you use any of these apps, do this today: ✅ Enable in-app two-step verification ✅ Add a strong PIN ✅ Lock down your mobile carrier against SIM swaps Which app are you using, and have you secured the number behind it? Watch the full video here: youtu.be/4vr8TIdJsjg #CyberSecurity #MobilePrivacy #SIMSwap #DigitalSecurity

The best defense = awareness + prevention. Priceless = knowing no telecom entity representative will able to be talked into porting my phone number to another device without my permission. A phone number is a master 🔑 to your life. @efani locks it up.

@Cernovich Great post . Can totally relate to it and we're looking forward to welcoming our 4th this year too :) It changes prospective of life

4 Kids Later mikecernovich.substack.com/p/4-kids-later

Introducing Okara, an AI that respects your privacy Try it now at okara.ai

Cybersecurity is not failing because of technology. It is failing because of behavior. Mark recently hosted @RobertSiciliano, founder of @ProtectNowLLC, on our Efani Features podcast. One idea from that conversation stands out: All security is personal. Organizations spend heavily on tools. Firewalls. Monitoring. Compliance training. Phishing simulations. Yet breaches continue. Why? Because most people do not see security as something that protects them. They see it as policy. As inconvenience. As someone else’s responsibility. If someone reuses passwords in their personal life, ignores two-factor authentication, or dismisses identity protection at home, that mindset follows them into the workplace. That is where account takeovers begin. That is where SIM swaps succeed. That is where social engineering works. The real shift is not from insecure to secure systems. It is from awareness to appreciation. When people care about protecting their own identity, they protect company data differently. That is the conversation we need to be having in 2026. The full episode is live on @efani’s YouTube channel: youtu.be/NdMLY0-uNJY

YES, it's critical. What's annoying is some banks don't offer non-SMS authentication. Massive vulnerability that's just out there because telcos have poor security and you can get sim Swap attacked for serious amounts of money. My friend @haseeb used to get sim swap attack attempts so I invested in his solution @efani. Sim SWAP attack resistant cell phone plan with 10+ layers of authentication. I used it primarily because there's scenarios in which these institutions I was logging into force us to use SMS authentication and sometimes there's no alternatives. So keep your opsec locked down.

Everything you knew about “secure phone calls” is 100% wrong. In 2026, not all calls are created equal. Mark Kreitzman just broke down the 3 ways we make calls today and ranked them by security and privacy. Here’s the simple version: 1️⃣ Standard Cellular (VoLTE) Encrypted over the air. Reliable. High quality. But your IMSI and metadata can still be exposed. 2️⃣ Wi-Fi Calling Uses IPSec tunneling. Bypasses cellular towers and avoids stingrays. Slightly better for privacy. 3️⃣ App-to-App (Signal, WhatsApp, Telegram) True end-to-end encryption. Encrypted on your device, decrypted only on the recipient’s. Most private option available. And the old “downgrade attack” fear? Modern secure carriers no longer support 2G or 3G. No fallback, no forced downgrade. 3 quick takeaways: - Use app-to-app for sensitive conversations - Enable Wi-Fi calling in high-risk areas - Stop assuming “encrypted” means “fully private” Your phone number is your digital master key. How are you protecting it? Full breakdown here: youtube.com/watch?v=JyhMjx… #MobileSecurity #Cybersecurity #Privacy #Efani

⚠️ Most people still think their phone number is just a way to receive calls and texts. In reality, it has become the master key to your digital life. Banks, crypto wallets, email providers, and even enterprise identity systems still rely on your mobile number for account recovery and authentication. That makes SIM swap attacks one of the highest-leverage, lowest-effort attacks available to criminals today. In this short video, Mark Kreitzman breaks down a simple but uncomfortable truth: If someone takes control of your phone number, they do not need to hack your devices. They can reset everything. That shift matters. Attackers are no longer targeting malware. They are targeting carriers, help desks, and identity recovery flows. This is exactly why we built @efani as a security-first mobile service, not a discount carrier with bolt-on features. The focus is straightforward: – Eliminate retail and automated port-out paths – Require layered human verification for any number change – Treat the phone number as a protected asset, not a convenience feature For executives, founders, journalists, and anyone holding digital assets, mobile security is now part of personal risk management. Convenience without security is no longer neutral, it is exposure. If you still assume your carrier has this covered by default, this is worth five minutes of your time. 👉 youtube.com/watch?v=YYl9Dh…