
To pull off the attack, the bad guys need to know the target’s email address and mobile number; however, these can be obtained without much effort. The attackers make use of the password recovery feature offered by many email providers, which helps users who have forgotten their passwords regain access to their accounts by, among other options, having a verification code sent to their mobile phone. The majority of cases observed affect Gmail, Hotmail, and Yahoo Mail users. Using Gmail as an example, the following steps describe how the attack works.

Our victim, Alice, registers her mobile phone number with Gmail so that if she forgets her password Google will text her a verification code and she can access her account. Our bad guy, let’s call him Malroy, wants to get into Alice’s account but doesn’t know her password. He does know Alice’s email address and phone number, though. Malroy visits the Gmail login page, enters Alice’s email address and then clicks on the “Need help?” link. This link is used when people have forgotten their login credentials. Malroy is offered several options, including “Enter the last password you remember” and “Confirm password reset on my phone,” but skips these until he is given the option “Get a verification code on my phone.” Malroy accepts this option and an SMS message with a six-digit verification code is sent to Alice. Alice receives a message saying “Your Google Verification code is…”. Malroy then sends Alice an SMS message saying something like “Google has detected unusual activity on your account. Please respond with the code sent to your mobile device to stop unauthorized activity.” Alice, believing that the message is legitimate, replies with the verification code. Malroy then enters the verification code and is granted the ability to reset the password. He uses the code to get a temporary password and gains access to Alice’s email account.

Symantec said it has also observed attackers interacting with their victims when the verification code doesn’t work. The victim will receive a message along the lines of: “We still detect an unauthorized sign-in to your account. Google just re-sent a verification code via text message: Please respond with it to help secure your Google account.”

Once the attacker gains access to the account, they could, among other things, add an alternate email address to the account and set it up so that copies of all messages are forwarded to that address.
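As an added, defender-side illustration (not from the article or from Symantec), the following Python sketch shows two phone-side checks that would catch the hand-off the steps above rely on: an inbound message that asks the recipient to reply with a code, and an outbound reply that relays a code received from a different sender. The sender labels, phone number and code value are constructed; the message wording follows the texts quoted above.

```python
import re
from dataclasses import dataclass

# A genuine verification SMS delivers a code; it never asks you to reply with one.
SOLICIT_RE = re.compile(r"\b(respond|reply)\b[^.]{0,40}\b(code|it)\b", re.IGNORECASE)
CODE_RE = re.compile(r"\b\d{6}\b")

@dataclass
class Sms:
    sender: str  # phone number or short-code label as shown in the messaging app
    text: str

def is_code_solicitation(msg: Sms) -> bool:
    """Flag a message that asks the recipient to send a verification code back."""
    return SOLICIT_RE.search(msg.text) is not None

def relayed_codes(outgoing: Sms, inbox: list) -> list:
    """Six-digit codes in an outgoing message that were delivered by a different
    sender: the hand-off from the provider's thread to the attacker's number."""
    sent = set(CODE_RE.findall(outgoing.text))
    relayed = []
    for received in inbox:
        if received.sender == outgoing.sender:
            continue  # replying inside the provider's own thread is not a relay
        for code in CODE_RE.findall(received.text):
            if code in sent and code not in relayed:
                relayed.append(code)
    return relayed

def warnings_for(outgoing: Sms, inbox: list) -> list:
    """Warnings a phone-side guard could show before the reply is sent."""
    out = [f"{m.sender} asked you to reply with a code; genuine code messages never do."
           for m in inbox if m.sender == outgoing.sender and is_code_solicitation(m)]
    for code in relayed_codes(outgoing, inbox):
        out.append(f"Code {code} came from another sender; do not forward it.")
    return out

# Constructed sample thread: the code value, sender label and number are made up;
# the message wording follows the texts quoted in the article.
LEGIT = Sms("GOOGLE", "Your Google Verification code is 483920.")
LURE = Sms("+1 555 0100", "Google has detected unusual activity on your account. Please "
           "respond with the code sent to your mobile device to stop unauthorized activity.")
FOLLOW_UP = Sms("+1 555 0100", "We still detect an unauthorized sign-in to your account. Google "
                "just re-sent a verification code via text message: Please respond with it to help "
                "secure your Google account")
INBOX = [LEGIT, LURE, FOLLOW_UP]
REPLY = Sms("+1 555 0100", "483920")  # Alice about to relay Google's code to the unknown number
```

Running `warnings_for(REPLY, INBOX)` yields three warnings: two for the soliciting messages in the attacker's thread and one because the code being sent originated from the GOOGLE thread.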
