How Hackers Can Hijack 2FA Calls with Sneaky Call Forwarding

In a crude but potentially effective attack, a hacker sends a malicious link which quickly sets up call forwarding for a target’s phone number. The result is the interception of 2FA calls, including for Gmail.
A demonstration video of the attack with two laptops and two pho
Image: Dvuln.

Hackers can automatically have targets setup call forwarding by simply clicking a link and following a prompt, which in turn may let the hackers intercept phone calls and certain two-factor authentication codes, according to a security researcher and 404 Media’s own tests.