Cyber-criminals could be using your SMSs to access your bank accounts, thanks to a security vulnerability in cellular networks.
According to MyBroadband, the flaw lies in ‘Signaling System 7, an international communications standard.
Using this flaw, hackers can intercept calls and SMSs, ultimately leading to severe cybercrimes like bank fraud.
The worst part? All the hackers need is your phone number. Nothing else.
Vice Motherboard reports that authorities have been aware of the flaw for years now, but very few network operators have done anything about it. Now, it says, several bank accounts have been drained.
What does this mean for you? Well, it essentially means that ant two-step SMS verification used by your bank is vulnerable to interception.
Germany’s The Süddeutsche Zeitung reports that SS7 access costs a mere €1000, giving an army of financially-motivated hackers an easy way in to your pocket.
Most banks use SMS authentication to authorise transactions, adding a ‘one-time pin’ step to keep things secure. We know now that these OTP messages can be intercepted.
The bottom line? Services need to upgrade their security protocols now, as it doesn’t seem like the vulnerability will be dealt with any time soon.