July 7 2015

Hackers Use Text Message Scam to Take Over Email Accounts

By: Rich Hosford

Don’t fall for this scam intended to gain access, and even control, of your email account. 

According to the Federal Trade Commission (FTC), hackers have found a new way to get into victims’ email accounts, one where the victim themselves provides the way in. 

In a warning the FTC says the scam works like this: A person receives a text message from their email provider with a verification code. 

Shortly thereafter a second message comes in saying the email system has detected unusual activity on their account and asks that they reply with the verification code that was sent to their mobile device to stop unauthorized activity. 

Many people would send the code and believe they are doing what is best to protect their account, the FTC says. However, in this scam it is actually a hacker who has the victim’s email address and mobile phone number who will receive the code. 

Here’s how it works: The hacker went to the victim’s email login screen and clicked “Forgot Password” and asked for a verification code via text message. The hacker then pretended to be the victim’s email provider and sent a text message asking for the code. When the victim text messaged in reply, the hacker had everything he or she needed to complete the login process. 

At this point the hacker can gather a lot of personal information about the owner of the email account and could even change the settings so future emails are forwarded to the hacker. 

To avoid falling for this scam, the FTC says to never send verification codes to anyone via text or email. Use these codes only on the login page. And if you get a verification code that you didn’t request, let your provider know about it. That could be a sign that someone is tampering with your account.

Web Design by Polar Design