SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
14 Jun 2016

Hackers find clever way to bypass Google's two-factor authentication

There's a new trick going around that can fool some people into divulging their two-factor authentication code to crooks, while thinking they're actually protecting their accounts.

Two-factor authentication, or 2FA, is a second layer of authentication that many online services support, from banks to Google, from Facebook to government agencies.

2FA works by requiring a user to enter a code that they received via SMS on their phone after they logged into a 2FA-protected account. If the user doesn't enter the code promptly, the login is classified as a hacking attempt, and the user blocked from accessing the account, even if they entered the correct password. You can see the benefits, right? This past week, Alex MacCaw, co-founder of Clearbit.com, tweeted out the image of an SMS he had just received.

An unknown attacker had sent MacCaw an SMS message posing to be from Google. The SMS read as follows:

Basically, the attackers were mentally preparing the victim to receive the 2FA verification code, for their illegal login attempt they were about to carry out. The crooks were going to access MacCaw's account, and when his 2FA system would kick in, MacCaw would act to lock his account by sending the "verification code to Google." In fact, MacCaw would be sending the 2FA code to the crook, who would then enter it in the login page and access his account, with his cooperation.

Fortunately, MacCaw recognized their tactics and didn't fall for this new type of social engineering trick. If you receive an SMS like this, don't reply with any verification code and change your password immediately. An attacker will try this only when he's in possession of your password, otherwise sending this SMS would be useless. If you receive this SMS, then you can be sure your Google account password is compromised.

Tags:
Google information leaks hackers
Source:
Softpedia
2264
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015