What's the optimal length for a 2FA code?

Screenshot of a text message. It says "Your one time passcode is 1031."

The other day, a company sent me a 2FA code which was only four digits long. I'll admit, this weirded me out. Surely 4 is just far too short. Right? I think almost every 2FA code I've seen has been 6 digits long. Even back in the days of carrying one of those physical RSA…

Continue reading →

Is this a banking scam SMS?

Screenshot of text message from Lloyds bank. It addresses me by name and gives me the name of someone who is going to call me - plus their phone number.

Earlier this week, my holiday was interrupted by a sophisticated SMS scam. Rude! Let's take a look at it. Let's take a look at all the ways we can tell it is a scam. Firstly, and most obviously, I am not a customer of Lloyds Bank! But these scammers send out to multiple people hoping…

Continue reading →

Why do scammers love NameCheap?

Can of Spam. From https://www.flickr.com/photos/27308606@N04/3920588954/in/photolist-6Ys3vh-D4tFyP-5Nfafk-4YquSL-j76egA-b4ThXT-j71TQi-4C6NQo-4zGP8b-8jBWuu-9NZujn-4mZsmC-Skcx6h-6qY9vr-hNh67-5Hf4WS-mSRtT-718hHC-71HDFc-kCAL2L-2NYWTK-kCANQm-6eLuK-6cSS7G-vVZqB-79Z3X-dgu3-4sqgZw-8WuDpp-5FQ3yz-4nFSR8-563Gj-mb7gL-39uw1-5f1fho-2NiBSN-5pDMMS-8b9Hjq-pRrxLR-hfXfA-5xmaj-9vw9hx-o9bd3k-258kqqN-tuDnQ-8YeJPL-5hrex8-pFKpm-vSKr9b-39r59D

The UK is facing an epidemic of SMS fraud. Scammers know that we're all at home eagerly waiting for deliveries. So they send out phishing messages saying "Sorry we missed you" or "You need to pay a delivery fee". If you click on the link they send, you'll go to a very convincing website which…

Continue reading →

That Time I Accidentally Invented Twitter

A proposal to micro-blog via text.

A curio from the archives. Waaaaaay back in 2003, I was working at Vodafone on their graduate training scheme. One of their fancy new ideas was a crowd-sourced employee suggestion box for new business proposals. As an eager young grad I submitted dozens of ideas. Most of them were crap. But, as I looked back…

Continue reading →

PaddyPower SMS Spam Follow-up

Earlier this year, I received SMS Spam from Paddy Power. I went into full-on Taken mode! I have a very particular set of skills, skills I have acquired over a very long career. Skills that make me a nightmare for spammers like them ☺ It culminated with barrage of complaints and an interview on BBC…

Continue reading →

Talking about SMS Spam with Radio 4

Earlier this week I appeared on BBC Radio 4's "You And Yours" to talk about the scourge of SMS Spam. You can listen to it on their website - or, if it has expired, I've grabbed an audio clip for your listening pleasure. I've asked the Direct Marketing Associate to create a "Do Not Text"…

Continue reading →

Dealing with SMS Spam from @PaddyPower

This is a cautionary tale of how my personal details have been repeatedly sold and resold by a British network of spammers - each of them turning a blind eye to the provenance of their data. I'm calling on the Direct Marketing Association to create a universal opt-out file - just like they do with…

Continue reading →

Donating via SMS - using QR Codes

One of the greatest cultural achievements of the last Labour Government was making museum entry free for everyone. Whether you're rich, poor, British, foreign, young, old - you can enjoy the treasures of our museums and galleries. Of course, while museums are funded by the state, they still rely on generating some external revenue -…

Continue reading →

Stopping Coral's SMS Spam

I don't like spam. I'm very careful always to tick the "do not pass my details on to 3rd parties" box on forms. So, when I do get SMS spam, I like to know who has been flouting the rules. See my previous investigation. A few weeks ago, I received this rather annoying message: I'm…

Continue reading →

Text Adventures Via Text Message

Remember text adventures, eh? They were pretty nifty! "You are in a maze of twisty little passages, all alike" >Go East "You have been eaten by a Grue. A dwarf starts singing about gold" Smashing! Just like the pictures are better on the radio, so the graphics are immeasurably superior when they're in your head.…

Continue reading →