WATCH out if you receive an email from Uber as it may not be all it seems.

Experts claim to have found a security flaw in the ride hailing app’s communication system.


The bug means anyone can send an email addressed from uber.com and trick unsuspecting users into believing it’s a genuine message.

Hackers could use this and the 57million email accounts leaked in a huge 2016 data breach for the perfect scam.

And according to Bleeping Computer, Uber is aware of the issue but has yet to do anything about it.

Security researcher Seif Elsallamy made the discovery and demonstrated how easily it could be exploited by online crooks.

One way is by asking users to verify their card details.

Given that it would come from an uber.com email address, many could be fooled into thinking it’s the real deal.

And worse still, using the official web address means the emails could bypass spam detection.

According to the expert, Uber rejected the problem after he’d reported it to them.

Apparently they decided it was “out-of-scope” as it would require some form of social engineering to achieve.

“Now I understand why you always have data breaches,” he tweeted the firm.

Back in October 2016 Uber suffered a huge data hack that affected 57million customers and drivers.

Two hackers managed to access personal information they stole from a “third-party cloud-based service”.

Uber initially paid them £75,000 to delete the names, phone numbers and email addresses stolen from a server, on the quiet.

The UK data regulator, ICO, later fined the company £385,000 over data protection failings.


This post first appeared on Thesun.co.uk
