“There’s a problem with the way AT&T sends out customer alerts via text message: They’re too easy to mimic,” Jose Pagliery reports for CNN.
“With little effort, a scammer could send you alerts that look just like the real thing. Click on a link and the hacker will grab your login credentials — or fool you into giving up your credit card too,” Pagliery reports. “It’s yet another phishing scheme. But instead of email, hackers can target you with texts.”
“The problem stems from AT&T not making its real alerts look legitimate enough, said Dani Grant, the computer programmer who noticed the flaw. ‘If the official texts look like phishing, it’s impossible for the customer to distinguish between what’s phishing and what’s not,’ she said,” Pagliery reports. “”
Read more in the full article here.
[Thanks to MacDailyNews Reader “Lynn Weiler” for the heads up.]