[url=http://thenextweb.com/insider/2015/06/19/this-social-engineering-trick-makes-breaking-into-email-accounts-scarily-easy/#][u]This social engineering trick makes breaking into email accounts scarily easy[/u][/url] [quote]The anatomy of the attack in the video is fairly simple, but surprisingly effective: *Send the victim a text from an unknown number, warning them that they’re about to receive a code to ensure their Google account is secure and asking them to reply with the code to confirm *Trigger the Gmail password reset process, which sends a message containing an unlock code to the registered phone *The user receives the code they’ve been warned about and sends it back to the attacker *Attacker logs in to Gmail account without detection[/quote] Just remember, if you get a text message that asks for a password OR a code, do NOT reply to the text. Dual-authentication is (and always should be) a "one way" conversation where your code is sent to you at YOUR request and you enter it into your own session.