You just got a text message, and it’s from your credit card company, or bank, and its informing you of a new service, or other depressing information that only these sorts of companies can give you via text.
But is it definitely from your bank?
A security flaw discovered by a hacker who goes by the name of ‘pod2g’ has discovered a security flaw in the header section of the iOS text messaging service.
According to ‘pod2g’ the vulnerability has been there since iOS was first released and remains to this day, including in the iOS 6 beta.
So whats the problem?
The problem is something within the SMS header which includes the number the text originated from, and the number in which you reply to. This is used all the time by ‘opt in’ deals you get via text. It tells you where it comes from but when you reply it goes to a different number set up by that company so that the correct data goes to the correct people, which is fine and is done by thousands of companies every day.
The concern is when people who aren’t just trying to sell you something do it, and are after other information like your bank details. A message could be faked to your device and be used as false information. Pirates could send a message that looks as though it comes from your bank, credit card company, or anything else you would normally trust.
It’s much like getting spam to your email, BUT, because it comes to your phone, you trust it. Implicitly. In this age spam to your email is standard. Everyone gets it and you just delete it. Spam to your phone however whilst occasional, isn’t that frequent. Because it’s come to your phone, your more likely to trust it assuming that you gave the sender your number.
So whilst this flaw in iOS isn’t a huge security flaw in that it will wipe your phone, or seed your information to third parties, you do however need to be more alert when receiving text messages from companies you would normally trust.
Oh, and don’t go replying to text messages from the third prince of Nigeria says he wants to come to the west and give you millions in gold bullion for helping.