Major threat for iPhone and Android users! A flaw allowed anyone to spoof your contacts.

Cyber ​​Fraud: This flaw was actually linked to an old feature known as the “Email-to-Text” service.

Cyber ​​Fraud: People often assume that text messages are completely secure and that the name appearing on the phone belongs to the actual sender. However, a recently discovered serious security flaw has cast doubt on this trust. By exploiting this vulnerability, cybercriminals could impersonate a trusted contact and send messages that appeared completely authentic.

This issue has now been resolved with the help of researchers and mobile companies, bringing relief to millions of smartphone users.

How did this hidden flaw work?

Computer scientists at the University of California, San Diego, discovered this vulnerability. The issue existed on both Android and iPhone platforms, affecting several major mobile networks.

The flaw was actually linked to an old feature known as the “Email-to-Text” service. This feature allowed an email to be directly converted into an SMS and sent to a mobile number.

The intersection of email and SMS caused the problem.

Email and text messaging rely on different technologies. When an email is converted into an SMS, network companies must translate various pieces of information.

This is where the problem arose. During this process, information regarding the sender’s identity was not always clearly conveyed. Cybercriminals could exploit this weakness to hide their true identity and make the message appear as if it came from someone else.

Phone contacts could also be targeted in the scam.

According to researchers, attackers could confuse the phone by using special characters and modifications within the email address. Consequently, the smartphone’s messaging app would mistakenly identify the message as coming from a saved contact. The result was that the name of a friend, relative, or associate would appear on the screen, even though the message had actually been sent by an unknown person.

Fake messages could also infiltrate existing chats

The most concerning aspect was that, in some cases, fake messages could be inserted into ongoing conversations. This led users to believe the message came from the person they were already chatting with. Consequently, these fraudulent messages appeared more credible, increasing the likelihood of people falling for the scam.

Although attackers could not read the user’s replies, the ability to send messages by impersonating a trusted contact posed a significant security risk.

Major companies implemented security updates

Following this research, several mobile network operators and smartphone manufacturers modified their systems. New security measures were introduced to better verify the sender’s identity.

Additionally, necessary improvements were made to Android and iPhone messaging services to prevent such spoofing incidents in the future.