Millions of people are at risk due to the increasing use of SMS-based authentication links by online services, according to a recent study. Researchers found that these links, intended to simplify the login process, are making users vulnerable to scams, identity theft, and other crimes.
The study, published last week, identified over 700 endpoints delivering such texts on behalf of more than 175 services. These services, ranging from insurance quote providers to job listing sites and referral platforms for pet sitters and tutors, are increasingly relying on SMS authentication to bypass the complexities of traditional username and password systems. Instead, users provide their cell phone number during signup and receive authentication links or passcodes via text message when they want to log in.
A key vulnerability identified in the research is the use of easily enumerated links. This means that scammers can potentially guess valid links by simply modifying the security token, which is typically a string of characters at the end of the URL. By systematically altering these tokens, malicious actors can gain unauthorized access to user accounts.
"The ease with which these links can be manipulated poses a significant threat to user privacy and security," the study's lead author stated. "Services need to adopt more robust authentication methods to protect their users from potential harm."
The reliance on SMS-based authentication has grown in recent years due to its perceived convenience. However, security experts have long warned about the inherent risks associated with this method. SMS messages are not encrypted and can be intercepted by malicious actors. Additionally, phone numbers can be spoofed, allowing attackers to impersonate legitimate services and send fraudulent links.
The study's findings highlight the urgent need for online services to re-evaluate their authentication practices and adopt more secure alternatives, such as multi-factor authentication using authenticator apps or hardware security keys. Consumers are also advised to be cautious when clicking on links received via text message and to verify the legitimacy of the sender before entering any personal information.
AI-Assisted Journalism
This article was generated with AI assistance, synthesizing reporting from multiple credible news sources. Our editorial team reviews AI-generated content for accuracy.
Deep insights powered by AI
Continue exploring
Tensions flared this week as U.S. President Trump demanded control of Greenland, sparking a crisis with Denmark and threatening transatlantic relations. Trump's aggressive tactics, including tariff threats and veiled military action, initially escalated the situation before he seemingly backed down at the World Economic Forum in Davos, highlighting the fragility of alliances in the current global political landscape.
A diverse group of actors and filmmakers, including Molly Ringwald and Danielle Brooks, will participate in a Variety panel at Sundance to discuss the impact of cultural experiences on their creative processes. Presented by World of Hyatt, the conversation will delve into how cultural immersion shapes character development, narrative choices, and overall storytelling.
In a recent episode of "The Masked Singer," artificial intelligence algorithms correctly predicted the unmasking of rapper Tone Loc as Handyman, showcasing advancements in AI-driven pattern recognition. However, human panelists still played a crucial role, with Rita Ora accurately identifying actress Taraji P. Henson as Scarab, highlighting the ongoing interplay between AI and human intuition in entertainment. This blend of AI prediction and human insight raises questions about the future of talent identification and the evolving role of human expertise in a world increasingly influenced by intelligent machines.
Matt Damon and Ben Affleck are back, baby! Their new crime thriller, "The Rip," is hitting Netflix and critics are saying it's a total return to form, rivaling their big studio hits and proving these guys still got it. But does this streaming release signal a shift away from the big screen for prestige projects?
Netflix is expanding its Turkish content offerings in 2026, featuring an adaptation of Orhan Pamuk's "The Museum of Innocence," a novel exploring themes of love and memory against the backdrop of Istanbul's societal shifts, appealing to a global audience interested in Turkish culture and literature. The series, directed by Zeynep Günay, promises to bring Pamuk's exploration of Turkish identity and cultural heritage to a wider international viewership.
A correction has been issued for a Nature article published on January 14, 2026, concerning polyamine-dependent metabolic shielding's role in alternative splicing regulation. Specifically, Figure 1g contained incorrect labels ("24 h" instead of "SAT1, SMARCA1, and ACTB"), which has been rectified in the HTML and PDF versions, ensuring accurate representation of experimental results.
A correction has been issued for a *Nature* article regarding the role of oestradiol in inhibiting ferroptosis and acute kidney injury, addressing errors introduced during typesetting. The errors, including incorrect chemical structures in figures and inaccurate sample sizes, have been corrected as they did not impact the study's scientific conclusions. The publisher has also rectified incorrect references to supplementary figures within the text.
An editorial expression of concern has been raised regarding a figure in a 1998 Nature publication concerning the SAP protein's role in X-linked lymphoproliferative disease, a genetic condition affecting the immune system. Specifically, concerns involve potential similarities in PCR gel bands within Figure 4a, prompting the journal to alert readers while further investigation may be warranted to ensure the reliability of the published data. This highlights the importance of ongoing scrutiny in scientific research and the commitment to maintaining data integrity for studies related to immune function and genetic disorders.
A recent study reveals that discrepancies between creatinine and cystatin C blood tests, both used to assess kidney function, may indicate a heightened risk of kidney failure, heart disease, and mortality. This finding highlights the importance of utilizing both tests for a more comprehensive evaluation, especially in vulnerable populations like hospitalized and elderly patients, to avoid overlooking early warning signs.
Worcester Polytechnic Institute engineers have developed a novel, carbon-negative building material called enzymatic structural material (ESM) that utilizes an enzyme to convert atmospheric CO2 into a strong, durable mineral. This innovation presents a sustainable alternative to concrete, offering faster curing times, recyclability, and the potential to significantly reduce the construction industry's carbon footprint, marking a crucial step towards eco-friendly infrastructure.
Researchers have discovered that the Kondo effect, a key quantum phenomenon, can either suppress or create magnetism based on the size of the interacting quantum spins. This reveals a previously unknown quantum boundary with significant implications for understanding and developing new materials with tailored magnetic properties. The finding highlights the complex collective behaviors that emerge when quantum particles interact, furthering our understanding of quantum matter.
Researchers have discovered a method to manipulate materials using their inherent quantum energy, specifically excitons, instead of high-powered lasers. This technique allows for the temporary alteration of electron behavior within materials, enabling the creation of advanced quantum properties with significantly less energy and without causing damage, potentially revolutionizing the development and control of quantum materials.
Discussion
Join the conversation
Be the first to comment