Scam Of The Week: Nasty Two-factor Auth Text Hack

There is a new scam you need to watch out for if you log into your accounts and have to wait for a text message on your phone to enter and only then log in. This more secure system is called “2-factor authentication”. These two factors are:

  1. one thing you need to know — your password
  2. one thing you have to have — the text code on your phone

Now, criminal hackers are trying to get past this with a nasty trick you need to watch out for. Tens of millions of hacked user names and passwords have recently surfaced — yours may be one of them — and they are using these for this scam.  Read this.

They send you a fake (spoofed) text that looks like it’s from the company you have an account with, claiming that your account may be hacked or that there is suspicious activity happening.

In the same text they say they will send you your verification code and that you need to send that right back to them or your account gets closed. But if you text that verification code back, you have given the hacker just the thing they needed to hack into your account! The French would say: “Simple comme Bonjour“.

TIP TO STAY SAFE

If your accounts are protected by 2-factor authentication, the only time you will be sent the code is to verify an attempt to log into your account.  That means if you did not just try to log in and you suddenly receive a verification code through a text message to your smartphone, it is because a scammer who already has your user name and password is trying to hack into your account.

Never provide your verification code to anyone. Only use it to input the code into your smartphone or computer when you log into a 2-factor authentication protected account. And as a reminder, never give out personal information, such as your Social Security number or credit card numbers in response to a text message (or email) because you simply cannot know for sure who is really on the other end of that communication line.

Remember, Think Before You Click!

Leave a Reply

Your email address will not be published. Required fields are marked *