Companies can silently reroute your texts to hackers, sometimes for just $16
There’s a newly discovered attack on SMS messaging that’s almost invisible to victims, and seemingly sanctioned by the telecom industry, uncovered in a report by Motherboard. The attack uses text-messaging management services that are aimed at businesses to silently redirect text messages from a victim to hackers, giving them access to any two-factor codes or login links that are sent via text message.
Sometimes, the companies providing the service don’t send any sort of message to the number that’s being redirected, either to ask permission or even to notify the owner that their texts are now going to someone else. Using these services, attackers are not only able to intercept incoming text messages, but they can reply as well.