alt Hacker NewsKeep it very simple: never give an SMS authentication code to anyone on a phone call, in response to a text message or email, or as part of any checkout or purchase. They are only to be used when logging in to an online account. Anything else is a scam.
Even that may be too complicated, now that I read it back.
Replies
toast0 • today at 1:24 AM
> or as part of any checkout or purchase.
Hope you don't have to do 3D-Secure for a purchase, I guess.
➕ show 1 reply
Unfortunately there are many companies that actually rely on SMS confirmation codes in real-time, which include reading it back to them.
A legitimate and generally well liked company, and its real helpful service representative used this method to verify my identify before they could finish their support effort.