Security firm Symantec has described a new social engineering trick in which attackers/scammers need only your mobile number to get into your email accounts. Symantec has warned users about a new password recovery scam, in which scammers use social engineering tactics to trick users into sending them the password reset code.
Since the password reset process is almost the same across mail services, this new password recovery scam affects all popular webmail services, including Gmail, Yahoo, and Outlook, among others.
For demonstration purposes, Symantec has provided a video explaining how this new attack works.
How the Scam Works
- Send the victim a text from an unknown number, warning them that they’re about to receive a code to ensure their Google account is secure and asking them to reply with the code to confirm.
- Trigger the Gmail password reset process, which sends a message containing an unlock code to the registered phone.
- The user receives the code they’ve been warned about and sends it back to the attacker.
- The attacker logs in to the Gmail account without detection.
So all readers should be alert to these types of scam messages and phone calls.
Social engineering is the best kind of attack: it gives a high success rate when it is designed with creative thinking.
"There is NO patch for Human Stupidity"