New Tricks Hack Account Email

sms hoax

Do not think it had a super long and difficult passwords make cyber criminals can not break into your email account. Remember, cyber criminals have many ways to break into your account. Like using the following method.

sms hoax

According to Symantec’s report, some of the most effective fraud is often very simple. For example disguised as police and ask people to hand over their car keys.

This deception has two characteristics: simplicity (mode) and the fact that people tend to trust the authorities.

Lately, Symantec found the increase in spear-phishing attacks that target specific types of mobile users. The aim of this attack is to gain access to the victim’s email account.

“This social engineering attack is very reassuring and we have found many people were fooled by it,” said Symantec.

To carry out the attack, the criminals need to know the email address and mobile number targets, which is usually not too difficult for them to get.

The attacker then uses the password recovery facilities that exist on many email providers, whose initial goal is to help users who forgot the password to regain access to their account, among others, the verification code sent to their mobile phone.

After the criminal report ‘forgot password’, email providers – such as Google – automatically sends a verification code to the phone number of the original owner of the email account.

Well, here’s where the social engineering cyber criminals launched. A moment later, the criminal sends a short message to the original owner of the email with the claim as Google (or other email providers) and request a verification code that is sent.

Here’s roughly the hoax SMS contents. “This is Google. There has been unauthorized activity on your account. Please reply with your verification code”.

Unwary user might be easily fooled and direct reply to the hoax message with a verification code email account. If you have this, you have become a victim.

“Most of the cases that we have encountered, the user override Gmail, Hotmail, and Yahoo Mail,” said Symantec.

For that, it takes the suspicion of users to messages asking about the verification code, especially if they never asked for. If you are not sure about the unexpected demand, the user can check with their email providers to confirm whether the message is legitimate.

And one more, usually request a verification code never needs a reply from the user. For more details, please refer to the illustration video so you can be more vigilant.