Blog

A Hacker Could Steal All Of Your Text Messages for a Few Bucks

A Hacker Could Steal All Of Your Text Messages for a Few Bucks

We always picture hackers as these foreboding, black-clad criminals, smirking through the shadows cast in their dark room by their computer monitor. Hardened, uncaring individuals who don’t go outside very often, staring at code as if they were able to decipher the Matrix.

It’s time we give up this persona and stop mystifying cybercriminals. Why?

It only takes a few bucks and some spare time to truly hold an individual’s data hostage.

Cybercrime doesn’t require the skill of a computer programmer, any more than mugging somebody on the street requires the skill of a James Bond villain. It just takes a level of dedication and a huge lack of compassion. 

It’s So Easy to Have Everything Taken Away From You

Let’s keep the comparison of cybercriminals with street muggers in mind. That’s really what these people are. When my friend (we’ll call him Bob for the sake of this blog post) watched his online accounts systematically get broken into, he wasn’t dealing with a highly-skilled, Hollywood-portrayed hacker. He was likely dealing with a kid who found an easy way to take advantage of others.

Here’s the story:

Bob received a weird message from a stranger. That message had screenshots of a few of his online accounts—his Amazon account, Netflix, and a few others. This stranger was proving that he had access to Bob’s accounts.

A few minutes later, the stranger started to show text messages that were intended for Bob. He logged into Bob’s Facebook account and started messaging Bob’s friends and family. 

Bob’s phone wasn’t acting strangely. There was no evidence that it had been hijacked. His computer at home wasn’t showing any signs of malicious activity. Everything worked as normal.

This stranger was going through all of Bob’s online accounts and changing passwords, taking over, and locking Bob out. It wasn’t long before he found his way into Bob’s Paypal account.

How could this happen? There are actually several possible ways:

If you use the same passwords on multiple accounts, it’s easy for a cybercriminal to sift through sites and businesses that were breached and try your username and password on other services. Stolen information is often displayed and sold on the Dark Web, and for a few dollars, anyone can grab loads of personal, sensitive information like this.

Another way could be SIM Swapping, which is a term for when a criminal tricks a cell phone carrier to forward your calls and text messages to their own device. It only takes a confident criminal and a misguided support person at your carrier.

In this case, however, the criminal didn’t even go that far.

They used a legitimate service called Sakari, which is a text messaging marketing service that lets businesses perform mass communication to their customers or subscribers via text. 

Anyone can create an account with Sakari, and for a few dollars, seize another person’s phone number.

The victim doesn’t lose access to their smartphone. They still get calls and texts. The criminal, however, gets to see everything going on. Since many online accounts will text you if you try to get in without a password, the so-called hacker could intercept these messages and take the steps to gain control over your identity. Once they are in your text messages, they can quickly escalate into your email, and then control everything.

We’re likely going to see companies like Sakari increase their security to prevent this from becoming a widespread problem, but it just goes to show you that hackers can be resourceful without actually needing a lot of skill—just dedication to do wrong.

To protect yourself from this type of attack, be sure to use strong passwords and never use the same password on multiple accounts. Utilize 2FA that goes beyond SMS messaging, such as the Google Authenticator, Duo, Lastpass Authenticator, or a similar tool. Most importantly, never hesitate to ask your trusted IT experts what you can do to further protect yourself, your identity, and your business.

Want to discuss your cybersecurity? Give White Mountain IT Services a call at 603-889-0800.

By accepting you will be accessing a service provided by a third-party external to https://www.whitemtn.com/

Related Posts

A new ransomware attack has surfaced, this time mostly targeting IT companies and their clients. The attack is specifically targeting the Kaseya platform. Kaseya is management software that many IT companies use to remotely manage and support technol...
Small business owners are always on the lookout for that “special something” that will bring added value to their offering. In 2020, with COVID-19 sticking around, it has been difficult for businesses to commit to any new investments. To keep revenue...
In the last few months, there have been several high-profile data security breaches that resulted in the theft of millions upon millions of non-public information records. Though much of the focus in the aftermath of the breaches was on personal iden...
A surprising number of security issues come from inside your organization. User error on the part of the employee can present major problems for your workflow, data security, and the integrity of your business. User error could be something as simple...
Businesses can benefit from the use of personal mobile devices in the workplace, yet there are also potential dangers in allowing mobile and Internet of Things devices to access your network. In order to reduce these dangers, you need to put some lim...
Have you ever wondered which websites on the Internet are the most dangerous? Recently it’s been discovered that the majority of threatening websites on the Internet fall into some very easy-to-identify categories; or, more specifically, about 95 per...
Over the past several months, while watching the news or reading about business and technology, you’ve probably encountered a few words, such as ‘ransomware’ ‘exploit weakness’, and ‘security patch’. These terms are used often, and you may be confuse...
As you may expect, the average Internet scammer isn’t above resorting to dirty tricks to claim their ill-gotten prize from their victims. A recent scam demonstrates just how dirty these tricks can truly be, and unfortunately, how ill-prepared many ar...
Since the beginning of the COVID 19 pandemic, it has been clear that many companies were not prepared to continue their operations remotely. This was largely due to their leadership being convinced in recent years that allowing people to work remotel...
A vulnerability in Microsoft’s MSHTML browser engine has been discovered and tracked by Kaspersky. It is being exploited all over the world right now. How can you avoid this vulnerability so that it doesn’t affect your business? Let’s find out....
If you’ve watched the news lately, chances are you’ve seen the Equifax breach and the ridiculous fallout it has caused. Over 133 million personal records have been stolen. While it’s difficult not to feel individually victimized by such a breach, it’...
A security audit is designed to test the overall integrity of your business when it comes to its IT security. In today’s environment, businesses need to have strengthened fortifications in place to protect themselves from cyberthreats, and these fort...

Onsite Service Coverage Area

Although we provide remote services and support to businesses in over 20 states, onsite services are limited to within reasonable driving distance from our offices in NH.  We will manage a local vendor for locations outside of our service area to provide onsite assistance when needed.

 

Onsite Computer Support Services are available to businesses within 60 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH, and then down into Boston. From Northern and Central Mass, we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.

 

White Mountain IT Services


33 Main Street, Suite 302
Nashua, NH 03064

 


121 Riverfront Drive
Manchester, NH 03102

603-889-0800

Open Positions