O
20

Can we talk about how two-factor texts can be intercepted?

I was at a coffee shop near downtown Austin last week and got a sketchy text that looked like a 2FA code from my bank. Something felt off so I called them and they said no code was sent. Turns out someone was using a SS7 attack to grab my SMS codes. I switched all my accounts to authenticator apps like Google Authenticator or Authy that same day. The problem is most people don't even know SMS codes can be hijacked through phone network flaws. Has anyone else run into this or found a better alternative?
3 comments

Log in to join the discussion

Log In
3 Comments
umamartin
umamartin24d ago
Freaked me out so bad I almost dropped my iced latte into my laptop bag, lol. Switched to an authenticator app faster than I can mess up a latte order.
6
the_rose
the_rose23d ago
Same thing happened to me but at a Starbucks in Houston. I was getting duplicate codes from my credit union and just figured it was a glitch until my account got drained. SS7 attacks are way too easy for criminals to pull off. I use Authy now for everything and even bought a YubiKey for my email. The scary part is how many people rely on SMS codes without knowing the risk. Every time I see someone punch in a text code I want to warn them but that would be weird.
6
holly_henderson86
Didn't you used to think SMS codes were totally safe? I did, but now I get why they're not.
1