Immediately update your Snapchat password

by -
Photo: XanderSt (Shutterstock) – Repeating 2FA login alerts are received by Snapchat users, and nobody knows why. Snapchat users bombarded Snapchat with repeated, unexpected 2FA messages this week, but it’s not clear whether it’s due to a failure at the end of Snapchat or because hackers trying to break into unsecured Snapchat accounts on a massive basis. Whatever, updating your Snapchat password immediately isn’t a bad idea.

Snapchat still has to comment on the subject. I’m just speculating, but it seems that we’d probably now hear from the company if some sort of random system glitch triggered these alerts.

Some suggested that malicious actors might have launched a large-scale 2FA phishing attempt, but I’m not so sure of the explanation based on screenshots shared by Twitter and other social media sites.

The texts shared online read like Snapchat’s official 2FA codes, unusual for a 2FA phishing scam. A common 2FA phishing is to require the user to confirm his 2FA codes and other account info via text or email that does not work on Snapchat or elsewhere. This is the only way 2FA phishing tactics are used. (No business is ever going to ask you for info about your account.) Other 2FA scam messages might contain links to an authentic thing but ac falsified login page. Other 2FA scam messages could include a link to a spoofed login page which looks like the true things but takes your login criteria into account.

Neither of the random 2FA Snapchat texts that I watched shared with the social media include these red flags. That doesn’t however mean that it wasn’t a hack of some sort attempted.

In order to make the messages evidence of attempted logins from externals, Snapchat sent 2FA codes whenever someone signs into a new device. If not, it might be a hint that someone has a list of Snapchat usernames and passwords out there, because 2FA codes are sent only after you have the right login information entry. It might also mean that accounts not enabled with 2FA are already compromised — again, if this is a hack.

Regardless of the reason, this problem 2FA is the perfect excuse for checking your Snapchat account. Users should change their password and double-check your HaveIBeenPwned account securely. And it’s good to allow 2FA for Snapchat when you aren’t already using it (and, honestly, for all your other social and email accounts).