The Metro Bank is not the only one to have gone through this incident, as reports suggest that a number of other banks have been impacted as well. As such, hackers have intercepted text messages which are supposed to add two factor authentication security to banking. In text message banking fraud, the exploit takes advantage of a weakness in the design of the networks, which is used to set up and route text messages and calls. As the banking network doesn’t authenticate who sends a request, in case a hacker gains access to it, they can instruct the network to reroute text messages to themselves instead of the genuine recipient. On the other hand, in case of banking, if hackers capture the code the bank thinks they are sending to their customer, then the fraudsters can gain access to the bank account.
However, the UK moves towards text messages as a means of authentication for online payments, which means that this might raise other issues: when criminals commit large numbers of relatively small financial crimes, they are mostly ignored as banks simply refund their customers. Still, the UK government wants to take into consideration and focus on this type of fraud.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now