Urian B., Tech Times

Australian Carrier Suspected of Including Ads in 2FA SMS Messages
(Photo : Screenshot From Pxhere Official Website) Australian Carrier Suspected of Including Ads in 2FA SMS Messages

Chris Lacy, the developer of Action Launcher, has recently tweeted a screenshot of a 2FA message from an unidentfied Australian carrier. Based on the image, the message is a standard Google sign-in verfication code for the Google Messages app, but it included an ad for a VPN.

With that, the messaged has been flagged as a spam text and the carrier is being suspected of including ads on such text messages.

2FA SMS Message with Ads

According to the story by XDA-developers, this is possible due to SMS messages being unencrypted meaning they can be read by the users' carrier. By including ads into 2FA texts, it would ensure tnat the end-user will see them as they need to check the code to access any app they are logging into.

While the move was noted as a spammy move, this is actually still possible due to just how unprotected SMS really is.

Several Google employees have reached out to Lacy, saying that it definitely did not come from the internet giant, and that it could be the work of the carrier the developer is using.

Google Investigates the Issue

According to the Director of Product Management on Identity and User Security at Google, Mark Risher, these are not Google ads, and the company does not condone those types of practices.

 It was also stated that Google is now working with the wireless carrier to clearly understand what is happening and ensure that it will not happen again.

The 2FA SMS authentication, although not completely secure, adds an extra level of security for users making it harder to access their accounts. There are a lot of people that aren't able to conveniently use certain hardware-based 2FA authentication hence using a simple SMS-based 2FA is easier for them.

SIM Swap and 2FA popularity

Although SIM swap attacks are a real thing, they aren't really something that needs any worrying. The article noted that it is still quite impressive that the Google Messages app was still able to pick up the spam message despite being sent from another Google phone number.

The increase in cybersecurity threats have been the reason behind the popularity of 2FA. 2FA is a way for users to verify that they are the ones trying to log into a certain platform, account, or website.

Read Also: Google Admits if Information Being Searched 'Isn't Online Yet' | When Shouldn't You Believe Search Results

What Happens When You Lose Your Phone?

The 2FA works as an additional authentication wherein users will receive a specific code on their device that they have verified as their own. With the use of their username and password, they can log in but only enter their account once they provide the 2FA code sent to their device.

One problem, however, can arise when users lose their mobile devices and thus need to go through the process of proving they lost their device through other means of authentication. When this happens, an article by NordPass noted that users should contact their mobile provider and have their number transferred to a new SIM card. This process can take a while depending on the mobile provider.

Related Article: 'Samsung Pay' Feature Could be Included in Samsung Galaxy Z Flip 3 According to FCC Filing

This article is owned by Tech Times

Written by Urian B.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Tags: Australia Australian carrier 2FA SMS
Join the Discussion