So, I’ve been thinking of this post a little bit more since we covered it in news notes. The article is titlted The Rise of One-Time Password Interception Bots.
What was interesting about this article was the fact that it talks about SMS based authentication where the actors would get the codes because they’d call you and tell you there was a problem and you’d enter the code by telephone.
What I’m curious about is whether the authenticator apps are affected by this. The reason I ask is because if you got a call, and you believed it, you could enter those codes and they could probably try it.
I have thought about this and I think it could work although the OTP changes every 30 seconds, whereby the SMS could take minutes as they allow for it to be delivered.
Feel free to check this article out in full, and let me know what you think.
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.