Abusing phone verification to steal money from Instagram, Google and Microsoft
Here's a fun read. A security researcher found a way to abuse phone verification systems to steal money from major corporations Google, Instagram and Microsoft. He was able to trick the verification system into calling premium phone numbers. After he reported the vulnerabilities, he received a total bug bounty of $2500, which might be considered a small amount of money compared to the damage he could have done.
https://www.arneswinnen.net/2016/07/how-i-could-steal-money-from-instagram-google-and-microsoft/
In case you missed it, the only way the guy could actually be "Stealing" the money for himself, is if he owned the premium numbers he tricked them into calling. LOL
Keep it Clean!
My Blog Posts, Neatly Categorized!
Indeed, but I imagine it is quite easy to get your own premium number that pays you when someone calls. There are services for everything these days.
Touche!