OMNINET PLUS Blog

OMNINET Plus has been serving the Washington D.C. metropolitan area since 1994, providing IT Support such as technical help-desk support, computer support, and consulting to small and medium-sized businesses.

A Hacker Could Steal All Of Your Text Messages for a Few Bucks

A Hacker Could Steal All Of Your Text Messages for a Few Bucks

We always picture hackers as these foreboding, black-clad criminals, smirking through the shadows cast in their dark room by their computer monitor. Hardened, uncaring individuals who don’t go outside very often, staring at code as if they were able to decipher the Matrix.

It’s time we give up this persona and stop mystifying cybercriminals. Why?

It only takes a few bucks and some spare time to truly hold an individual’s data hostage.

Cybercrime doesn’t require the skill of a computer programmer, any more than mugging somebody on the street requires the skill of a James Bond villain. It just takes a level of dedication and a huge lack of compassion. 

It’s So Easy to Have Everything Taken Away From You

Let’s keep the comparison of cybercriminals with street muggers in mind. That’s really what these people are. When my friend (we’ll call him Bob for the sake of this blog post) watched his online accounts systematically get broken into, he wasn’t dealing with a highly-skilled, Hollywood-portrayed hacker. He was likely dealing with a kid who found an easy way to take advantage of others.

Here’s the story:

Bob received a weird message from a stranger. That message had screenshots of a few of his online accounts—his Amazon account, Netflix, and a few others. This stranger was proving that he had access to Bob’s accounts.

A few minutes later, the stranger started to show text messages that were intended for Bob. He logged into Bob’s Facebook account and started messaging Bob’s friends and family. 

Bob’s phone wasn’t acting strangely. There was no evidence that it had been hijacked. His computer at home wasn’t showing any signs of malicious activity. Everything worked as normal.

This stranger was going through all of Bob’s online accounts and changing passwords, taking over, and locking Bob out. It wasn’t long before he found his way into Bob’s Paypal account.

How could this happen? There are actually several possible ways:

If you use the same passwords on multiple accounts, it’s easy for a cybercriminal to sift through sites and businesses that were breached and try your username and password on other services. Stolen information is often displayed and sold on the Dark Web, and for a few dollars, anyone can grab loads of personal, sensitive information like this.

Another way could be SIM Swapping, which is a term for when a criminal tricks a cell phone carrier to forward your calls and text messages to their own device. It only takes a confident criminal and a misguided support person at your carrier.

In this case, however, the criminal didn’t even go that far.

They used a legitimate service called Sakari, which is a text messaging marketing service that lets businesses perform mass communication to their customers or subscribers via text. 

Anyone can create an account with Sakari, and for a few dollars, seize another person’s phone number.

The victim doesn’t lose access to their smartphone. They still get calls and texts. The criminal, however, gets to see everything going on. Since many online accounts will text you if you try to get in without a password, the so-called hacker could intercept these messages and take the steps to gain control over your identity. Once they are in your text messages, they can quickly escalate into your email, and then control everything.

We’re likely going to see companies like Sakari increase their security to prevent this from becoming a widespread problem, but it just goes to show you that hackers can be resourceful without actually needing a lot of skill—just dedication to do wrong.

To protect yourself from this type of attack, be sure to use strong passwords and never use the same password on multiple accounts. Utilize 2FA that goes beyond SMS messaging, such as the Google Authenticator, Duo, Lastpass Authenticator, or a similar tool. Most importantly, never hesitate to ask your trusted IT experts what you can do to further protect yourself, your identity, and your business.

Want to discuss your cybersecurity? Give OMNINET PLUS a call at 301-869-6890.

Comments

 
No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, 14 May 2021
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Tip of the Week Technology Cloud Privacy Hackers Best Practices Hosted Solutions Backup Internet Business Business Computing IT Services Productivity Business Continuity Google Hardware Malware Software Windows 10 Miscellaneous Innovation Computer Mobile Device Management Disaster Recovery Microsoft VoIP Mobile Computing Mobile Devices Network Security Data Windows Workplace Tips Managed Service Provider Smartphone Server IT Support Efficiency Upgrade Email Save Money communications Virtualization Android Employer-Employee Relationship User Tips Small Business Office Budget Holiday Best Practice Chrome Apps Managed IT BYOD VPN Information Technology Quick Tips Hacking IT solutions Network Data Management Outsourced IT Telephone Systems Recovery Microsoft Office Application Smartphones Managed IT Services Tablet Avoiding Downtime Business Intelligence Gmail Hard Drives Disaster Going Green Bandwidth The Internet of Things Remote Computing Social Engineering Firewall Ransomware Operating System Communication Computers Automation Lithium-ion battery Saving Money Wireless Technology Password Phone System Social Hosted Solution Government Streaming Media Mobility Telephony Gadgets Cybercrime Office Tips Remote Monitoring Browser Private Cloud Risk Management Biometrics Network Congestion Health Passwords Proactive IT Humor Cost Management BDR Spam Unified Threat Management Facebook DDoS WiFi Customer Service Administration Big Data Alert Branding Files Regulations Safety Teamwork Two-factor Authentication Presentation Excel eWaste Money Retail Chromecast Reliable Computing Emergency Meetings Operating Sysytem intranet IT service Administrator Virtual Reality Cybersecurity Apple User Saving Time Television Computer Accessories Science Solid State Drive Buisness Domains Access Cameras Data Breach History Best Available Customer Relationship Management Mouse Transportation Printer Law Enforcement App Avoid Downtime Robot Instant Messaging Printer Server Social Media Wearable Technology Reputation Virtual Desktop SaaS Networking Tech Support Bluetooth Data storage Phishing Running Cable Business Management Maintenance HaaS Near Field Communication Shadow IT Human Resources Internet Exlporer Fax Server Google Drive WIndows 7 User Error Colocation IT Technicians Education Document Management Uninterrupted Power Supply Applications Managing Stress Bloatware Antivirus Marketing hacker Storage IT consulting Analytics Save Time Internet of Things Collaboration Laptop iPhone Shortcut Trending HIPAA Benefits Sports SharePoint Touchpad PowerPoint Entertainment Distributed Denial of Service Search Update