What I am about to tell is scary!
Recently, my friend updated my Facebook status without my permission to play a prank on me. yesterday my status update read "I am an idiot"
so logined into my fb account; deleted the status update,changed all passwords(facebook & email), also changed the security questions. thinking I have all bases covered, slept:cool2:
Later, found same status update was posted(again). So this time i asked my friend how is he doing it. it turns out, he used sms spoofing.
Q) So, what is sms spoofing?
Ans: It allows to set who sent the message by replacing the
originating mobile number (Sender ID) with a fake number.
So it turns out, he sent those updates via Text Messages to facebook(9232232665) and in From: he entered my mobile number. so facebook thought I was updating the status.Now I didn't believe him at first & told him its not possible. But later is sent me a text message, which appeared to be sent from my own number:no: but I didn't sent it. Hence, it was clear that he indeed used sms spoofing.
later, I forced him to tell me how he did it. And I was amazed that how easy it is that I am worried now that even a 10year old can misuse this; for illegitimate uses such as impersonating another person, company,
product etc. apparently there is some website, using which spoofed text msg can be sent(Not posting the site name on purpose)
I would like to know if anyone else experienced this or general thoughts.
[Update]
Here is a proof:
news in dainik bhaskar on 17 feb 2011. Check the Top-right section
Recently, my friend updated my Facebook status without my permission to play a prank on me. yesterday my status update read "I am an idiot"
so logined into my fb account; deleted the status update,changed all passwords(facebook & email), also changed the security questions. thinking I have all bases covered, slept:cool2:
Later, found same status update was posted(again). So this time i asked my friend how is he doing it. it turns out, he used sms spoofing.
Q) So, what is sms spoofing?
Ans: It allows to set who sent the message by replacing the
originating mobile number (Sender ID) with a fake number.
So it turns out, he sent those updates via Text Messages to facebook(9232232665) and in From: he entered my mobile number. so facebook thought I was updating the status.Now I didn't believe him at first & told him its not possible. But later is sent me a text message, which appeared to be sent from my own number:no: but I didn't sent it. Hence, it was clear that he indeed used sms spoofing.
later, I forced him to tell me how he did it. And I was amazed that how easy it is that I am worried now that even a 10year old can misuse this; for illegitimate uses such as impersonating another person, company,
product etc. apparently there is some website, using which spoofed text msg can be sent(Not posting the site name on purpose)
I would like to know if anyone else experienced this or general thoughts.
[Update]
Here is a proof:
news in dainik bhaskar on 17 feb 2011. Check the Top-right section
