Australian telecom provider injects ad into Google text message


An Australian telecom provider has placed advertising in a verification SMS from Google, much to Google’s surprise. The ad was discovered by a developer who received the SMS. It was not a phishing attempt; the verification code was legitimate. Google is in talks with the provider.

The ad was discovered by developer Chris Lacy, who posted a screenshot on Twitter. It shows that the verification code is followed by an ‘SMS AD’ for a VPN service. At first glance, the text looks like a phishing attempt, but according to Lacy, the code in the text for logging in with 2FA worked, so it was a legitimate text from Google. Google Messages also did not mark the SMS as spam.

After input from several Google employees, Lacy says it appears that his telecom provider injected the advertisement into the SMS. In a response to 9to5Google, Google says the ad was not theirs and that it is talking to the telecom provider to find out what happened. Security researcher Mark Risher of Google responded that the company does not accept this practice.

Lacy says he is aware that SMS is not suitable for two-step verification because it is not encrypted. It was an old account that had no alternative 2FA set up. He does not want to reveal the name of the provider for privacy reasons.

The text Chris Lacy received, including advertisement. Source: Chris Lacy, Twitter
