SMS Caller ID Spoofing Opens Twitter Users Up to Hacking

Nitesh Dhanjani writes:

Because it is so easy to spoof Caller ID, it is clear that Caller ID information should never be trusted to authenticate users, and many financial institutions have learnt this the hard way. Given the popularity of Twitter, similar phone+IM+email mash-up services are likely to be created in the very near future. I sincerely hope these services realize the implications of authenticating users based on incoming SMS headers and Caller ID information.

This explains why Anil’s Twitter account was compromised this morning.

This entry was posted in General on by .

About Andy Wibbels

Andy is an award-winning blogger and author of the book Blogwild! A Guide for Small Business Blogging. His work has been featured in The Wall Street Journal, USA Today, Entrepreneur, Wired, Business Week, Forbes, and other national and international media. He was worked at several San Francisco startups including Typepad, Get Satisfaction, SInMobi, Keas, and Mindjet. Currently, Andy is Director of Marketing at Lucidworks. Tw · Fb · G+ · Li

Leave a Reply

Your email address will not be published. Required fields are marked *