My point still stands. [0] [1]<p>Never ever use SMS verification. If you linked any account with your phone number, they can do a SIM swap attack and password reset your account, which is game over.<p>[0] <a href="https://news.ycombinator.com/item?id=26145985" rel="nofollow">https://news.ycombinator.com/item?id=26145985</a><p>[1] <a href="https://news.ycombinator.com/item?id=25762179" rel="nofollow">https://news.ycombinator.com/item?id=25762179</a>
It's so shocking to me that this person is breathing a metaphorical sigh of relief already. If someone got into my E-mail, it would pretty much be game over. I would have to spend weeks (if not months or years) dealing with the potential fallout.<p>Also, aside from the regular problems that come from such a compromise, attackers can also begin sending E-mails from your address - in perpetuity - if they set up a Gmail alias.