The invisible cyber-attack on companies providing SMS redirection services is reportedly being carried out in connivance with workers at telecom companies, reports Motherboard.
This picture has been used for representational purpose
In what could put smartphone users at a new privacy and security risk, text-messaging management services are now being misused for as little as Rs 1,160 (nearly $16) to covertly redirect text messages from users to hackers, giving cybercriminals access to two-factor codes/login SMSes.
ADVERTISEMENT
The invisible cyber-attack on companies providing SMS redirection services is reportedly being carried out in connivance with workers at telecom companies, reports Motherboard. "The method of attack, which has not been previously reported or demonstrated in detail, has implications for cybercrime, where criminals often take over target's phone numbers in order to harass them, drain their bank account, or otherwise tear through their digital lives," the report said late on Monday.
Using these services, attackers are not only able to intercept incoming text messages, but they can reply as well. "It's not hard to see the enormous threat to safety and security this kind of attack poses," US Senator Ron Wyden said in a statement. There are several other methods to exploit the SMS services and SIM swapping is one of those. But with SIM swapping, it's easy to find out that you are under attack as your device will be completely disconnected from the cellular network.
However, with SMS redirection, you could notice the cyber-attack much later and by that time, hackers would be able to break into your account and personal-financial data. According to The Verge, SMS should be avoided for anything security related, if possible, for two-factor authentication. "It is better to use an app like Google Authenticator or Authy. Some password managers even have support for 2FA built in, like 1Password or many of the other free managers we recommend," the report mentioned.
This story has been sourced from a third party syndicated feed, agencies. Mid-day accepts no responsibility or liability for its dependability, trustworthiness, reliability and data of the text. Mid-day management/mid-day.com reserves the sole right to alter, delete or remove (without notice) the content in its absolute discretion for any reason whatsoever