[url=http://thenextweb.com/insider/2015/06/19/this-social-engineering-trick-makes-breaking-into-email-accounts-scarily-easy/#][u]This social engineering trick makes breaking into email accounts scarily easy[/u][/url]
[quote]The anatomy of the attack in the video is fairly simple, but surprisingly effective:
*Send the victim a text from an unknown number, warning them that they’re about to receive a code to ensure their Google account is secure and asking them to reply with the code to confirm
*Trigger the Gmail password reset process, which sends a message containing an unlock code to the registered phone
*The user receives the code they’ve been warned about and sends it back to the attacker
*Attacker logs in to Gmail account without detection[/quote]
Just remember, if you get a text message that asks for a password OR a code, do NOT reply to the text. Dual-authentication is (and always should be) a "one way" conversation where your code is sent to you at YOUR request and you enter it into your own session.
-
Thanks m8. I wouldn't fall for that, but other people might. [spoiler]Recon for community manager 2k15[/spoiler]