SMS is not a secure protocol

This was bound to happen:

O2-Telefonica in Germany has confirmed to Süddeutsche Zeitung that some of its customers have had their bank accounts drained using a two-stage attack that exploits SS7.

In other words, thieves exploited SS7 to intercept two-factor authentication codes sent to online banking customers, allowing them to empty their accounts. The thefts occurred over the past few months, according to multiple sources.

SMS (aka text message) is not a secure means of communication, and that isn’t anything new either. Keep that in mind when you send details, and use two-factor authentication that doesn’t rely on other means of verification too.

Have you read <em>Haunted Futures</em> yet? cover

Have you read Haunted Futures yet?

I’ve got a story in the science fiction/near future anthology Haunted Futures, together with the likes of Warren Ellis and Tricia Sullivan. Check it out!