NHS Test & Trace sends text to wrong person, telling them they tested negative for Coronavirus

A former MP warns that she received a message intended for someone else, with the results of their Coronavirus test.

Apparently Coronavirus-tracing scammers won’t sound professional… (Yeah, right!)

Some members of the UK public will soon start receiving text messages and emails claiming to come from the NHS Test and Trace Service, as part of the country’s fight against the Coronavirus pandemic.

The problem is that many of them won’t know if the communication is genuine, or from a scammer.

And the UK Government’s advice isn’t helping.

CookieMiner malware targets Macs, steals passwords and SMS messages, mines for cryptocurrency

Security researchers have discovered a new Mac malware threat that appears to be a sophisticated attempt to raid cryptocurrency wallets.

Read more in my article on the Tripwire State of Security blog.

Twitter disables tweeting via SMS (temporarily at least), in wake of Jack Dorsey account hijack

In the wake of the CEO of Twitter having his account hijacked the site has disabled the option to tweet via SMS.

About the Twitter CEO ‘@jack hack’

Twitter co-founder Jack Dorsey had his account hijacked, after his mobile phone provider allowed someone else to seize his number.

Reddit hacked – but don’t give up on 2FA just yet

Yes, SMS-based 2FA can be intercepted by someone determined to hack into your account.

But it’s also better than not having any multi-factor authentication in place at all.

Read more in my article on the Hot for Security blog.

Facebook SMS spam risks spoiling adoption of 2FA

It’s hard enough getting people to turn on 2FA without sites using it to send non-security notifications.

Texting is no laughing matter

When you start watching this video from Western Cape Government in South Africa, you think it’s a bit of a giggle.

And then…

Smartphone spyware targets investigators hunting for missing Mexican students

19 people investigating the mysterious disappearance in 2014 of 43 Mexican students have been targeted by sophisticated smartphone spyware known as “Pegasus.”

David Bisson reports.

Ztorg malware hid in Google Play to send premium-rate SMS texts, delete incoming SMS messages

The Ztorg malware hid in apps on Google’s Play Store to send premium-rate SMS texts and delete incoming SMS messages on Android devices.

David Bisson reports.

How a single SMS can break your Samsung Galaxy Android phone

It’s hard to believe that it’s 2017, and we’re still talking about Android phones being compromised by boobytrapped SMS text messages.

Read more in my article on the Hot for Security blog.

Beware! This Android banking trojan intercepts SMS messages and bypasses 2SV

A type of Android banking trojan capable of intercepting SMS messages is currently targeting at least 50 major banking organizations worldwide.

David Bisson reports.

As the clocks go back, UK Apple users targeted by smishing campaign

As Brits slept, the phishing gangs were up to their old tricks – spamming out SMS messages purporting to be warnings from Apple that our Apple IDs were due to expire today, and that we should act quickly.

SMS phishing attackers continue to pursue Apple users

You would be wrong to think that this is just an attempt by the criminals to steal your Apple ID password – bad as that would be. It’s much worse than that.

Read more in my article on the We Live Security blog.

Watch out! There are Apple ID SMS phishers about!

It’s not just your bank accounts that online criminals are keen to break into. They would quite like to hijack your Apple ID credentials too.

Android trojan intercepts SMS messages to raid bank accounts

A new Android trojan has the ability to intercept text messages and bypass the SMS-based two-factor authentication system protecting customers’ bank accounts.

David Bisson reports.