SMS SOS: CISA Urges Ditching Unencrypted Texts for Phishing-Proof MFA

Mobile users in the US should ditch unencrypted SMS and embrace phishing-resistant multifactor authentication, according to CISA. The advice comes amid cyber threats from groups like Salt Typhoon. Key recommendations include using encrypted apps like Signal and FIDO2-enabled options for MFA. Consider this your digital upgrade to stop phishing in its tracks!

3P
Published: December 20, 2024 10:46 amAdded: December 20, 2024 at 3:12 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like the unencrypted SMS just received a “Dear John” letter from CISA. It’s time for mobile users to break up with their old insecure habits and switch to a more reliable partner: phishing-resistant MFA. Sorry SMS, it’s not us, it’s you—plus a few Chinese hackers.

Key Points:

  • CISA advises against using unencrypted SMS and suggests adopting encrypted messaging apps like Signal.
  • Phishing-resistant MFA, such as FIDO2-enabled options, is recommended over SMS-based MFA.
  • Gmail users should consider enrolling in Google’s Advanced Protection Program for enhanced security.
  • Personal VPNs may not offer the security and privacy benefits users expect.
  • Specific security settings are recommended for both iPhone and Android users.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?