Security firm Symantec has described a new social engineering trick in which attackers/scammers need only your mobile number to get into your email account. Symantec has warned users about a new Password Recovery Scam, in which scammers use social engineering tactics to trick users into sending them the password reset code.
Because the password reset process is nearly the same across mail services, this new password recovery scam affects all popular webmail services, including Gmail, Yahoo, and Outlook, among others. The scam works as follows:
- Send the victim a text from an unknown number, warning them that they’re about to receive a code to ensure their Google account is secure and asking them to reply with the code to confirm.
- Trigger the Gmail password reset process, which sends a message containing an unlock code to the registered phone.
- The user receives the code they’ve been warned about and sends it back to the attacker.
- The attacker logs in to the Gmail account without detection.
"There is NO patch for the Human Stupidity"