Just a Phone Number needed to Hack your Email Account

Its not a new thing that cyber criminals always tries new and trick way to pilfer users information or to hack online accounts. On daily basis we frequently gets spam calls and message and its uncommon. Many times scammers calls with the companies, or corporate names to get users information (from personal details to bank accounts details).

Here a new Social Engineering tricks have been discussed by Security firm Symantec, where attacker /scammers only needs your mobile number to get into your email accounts. Symantec have warned users about a new Password Recovery Scam , where scammers trick user to send password reset code by social engineering tactics.

As this is a simple process where attackers don't need to have any technical knowledge or any coding skills. All what he (attackers) need is your email address and your phone number.

Since the process to reset the password is almost similar to all mail services, this new password recovery scam affects all popular webmail services including Gmail, Yahoo, and Outlook among others.

For the demonstrated purpose Symantec has provided a video explanation of how this new hack attack works. 

How Scam Works..!!!!

• Send the victim a text from an unknown number, warning them that they’re about to receive a code to ensure their Google account is secure and asking them to reply with the code to confirm
• Trigger the Gmail password reset process, which sends a message containing an unlock code to the registered phone.   
• The user receives the code they’ve been warned about and sends it back to the attacker
• Attacker logs in to Gmail account without detection

So all readers be alert with these types of scam message and phone calls. 

Social Engineering is the best attack which give high success rate if you can design it with the creative thinks.

"There is NO patch for the Human Stupidity"