Skip to content
Close Menu

    Subscribe to Updates

    Get the latest news from tastytech.

    What's Hot

    Command-Line ESXi Patching: A Controlled Workflow for Hosts Outside the Happy Path

    July 5, 2026

    NotebookLM Alternatives: Which Similar AI Tools Are Worth Your Time?

    July 5, 2026

    Must-Play PlayStation 3 Games Before The Store Closes Forever

    July 5, 2026
    Facebook X (Twitter) Instagram
    Facebook X (Twitter) Instagram
    tastytech.intastytech.in
    Subscribe
    • AI News & Trends
    • Tech News
    • AI Tools
    • Business & Startups
    • Guides & Tutorials
    • Tech Reviews
    • Automobiles
    • Gaming
    • movies
    tastytech.intastytech.in
    Home»Tech Reviews»Millions of people imperiled through sign-in links sent by SMS
    Millions of people imperiled through sign-in links sent by SMS
    Tech Reviews

    Millions of people imperiled through sign-in links sent by SMS

    gvfx00@gmail.comBy gvfx00@gmail.comJanuary 22, 2026No Comments2 Mins Read
    Share
    Facebook Twitter LinkedIn Pinterest Email



    “We argue that these attacks are straightforward to test, verify, and execute at scale,” the researchers, from the universities of New Mexico, Arizona, Louisiana, and the firm Circle, wrote. “The threat model can be realized using consumer-grade hardware and only basic to intermediate Web security knowledge.”

    SMS messages are sent unencrypted. In past years, researchers have unearthed public databases of previously sent texts that contained authentication links and private details, including people’s names and addresses. One such discovery, from 2019, included millions of stored sent and received text messages over the years between a single business and its customers. It included usernames and passwords, university finance applications, and marketing messages with discount codes and job alerts.

    Despite the known insecurity, the practice continues to flourish. For ethical reasons, the researchers behind the study had no way to capture its true scale, because it would require bypassing access controls, however weak they were. As a lens offering only a limited view into the process, the researchers viewed public SMS gateways. These are typically ad-based websites that let people use a temporary number to receive texts without revealing their phone number. Examples of such gateways are here and here.

    With such a limited view of SMS-sent authentication messages, the researchers were unable to measure the true scope of the practice and the security and privacy risks it posed. Still, their findings were notable.

    The researchers collected 322,949 unique SMS-delivered URLs extracted from over 33 million texts, sent to more than 30,000 phone numbers. The researchers found numerous evidence of security and privacy threats to the people receiving them. Of those, the researchers said, messages originating from 701 endpoints sent on behalf of the 177 services exposed “critical personally identifiable information.” The root cause of the exposure was weak authentication based on tokenized links for verification. Anyone with the link could then obtain users’ personal information—including social security numbers, dates of birth, bank account numbers, and credit scores—from these services.

    Table of Contents

    Toggle
      • Related posts:
    • I asked ChatGPT to grade my interview answers — it was more useful than real interviews
    • US data centers use enough electricity to power upwards of 16 million homes annually – the statistic...
    • Tim Cook to Step Down After 15 Years as Apple CEO

    Related posts:

    Polish SSD vendor quietly launches a massive 122.88TB enterprise SSD for immersion cooling

    Before SpaceX IPO, investors in China secretly acquired stakes

    These 5 affordable Black Friday coffee machine deals prove you don't need to pay a premium for baris...

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleThe ALGS Championship’s underdog winner, Oblivion, just made esports history
    Next Article Vibe Coding a Bridge-Ball Game with Emergent in Minutes
    gvfx00@gmail.com
    • Website

    Related Posts

    Tech Reviews

    NotebookLM Alternatives: Which Similar AI Tools Are Worth Your Time?

    July 5, 2026
    Tech Reviews

    AirPods Max 2 vs Sony WH-1000XM6: which is king of the noise cancelling headphones game?

    July 5, 2026
    Tech Reviews

    Windows and Linux users: The deadline to update Secure Boot keys is near

    July 5, 2026
    Add A Comment
    Leave A Reply Cancel Reply

    Top Posts

    Black Swans in Artificial Intelligence — Dan Rose AI

    October 2, 2025206 Views

    Every Clue That Tony Stark Was Always Doctor Doom

    October 20, 2025129 Views

    We let ChatGPT judge impossible superhero debates — here’s how it ruled

    December 31, 2025100 Views
    Stay In Touch
    • Facebook
    • YouTube
    • TikTok
    • WhatsApp
    • Twitter
    • Instagram

    Subscribe to Updates

    Get the latest tech news from tastytech.

    About Us
    About Us

    TastyTech.in brings you the latest AI, tech news, cybersecurity tips, and gadget insights all in one place. Stay informed, stay secure, and stay ahead with us!

    Most Popular

    Black Swans in Artificial Intelligence — Dan Rose AI

    October 2, 2025206 Views

    Every Clue That Tony Stark Was Always Doctor Doom

    October 20, 2025129 Views

    We let ChatGPT judge impossible superhero debates — here’s how it ruled

    December 31, 2025100 Views

    Subscribe to Updates

    Get the latest news from tastytech.

    Facebook X (Twitter) Instagram Pinterest
    • Homepage
    • About Us
    • Contact Us
    • Privacy Policy
    © 2026 TastyTech. Designed by TastyTech.

    Type above and press Enter to search. Press Esc to cancel.

    Ad Blocker Enabled!
    Ad Blocker Enabled!
    Our website is made possible by displaying online advertisements to our visitors. Please support us by disabling your Ad Blocker.