Connect with us

Technology

Are bank text codes enough to protect you?

Published

on

Are bank text codes enough to protect you?

NEWYou can now listen to Fox News articles!

Bank security can feel confusing because every account seems to handle it differently. One bank sends a text. Another sends an email. Another asks you to approve a login inside its app. So when someone says, “Use stronger two-factor authentication,” it is fair to wonder what that actually means. 

Kyra from West Plains, Missouri, reached out to us asking:

I watched your podcast video where you talked about two-factor authentication and getting codes by email from your bank and other accounts. My accounts seem to do that automatically, as far as I know. Is that enough, or do I need to contact my bank to make sure it’s set up correctly

— Kyra from West Plains, Missouri

Kyra, this is a great question because a lot of people are in the same boat. They see a code pop up and assume they are fully protected. The truth is a little more complicated. Text or email codes are better than having only a password.

Advertisement

Text and email codes, however, are not always the strongest options. Scammers have found ways to steal codes, trick people into sharing them or take control of a phone number through a SIM swap scam. Once scammers control your number, they may receive the text codes needed to get into accounts that use SMS-based multi-factor authentication.

TOP MULTI-FACTOR AUTHENTICATION APPS TO PROTECT YOUR ACCOUNTS

Bank customers using text-message security codes may still face risks from SIM swap scams and phishing attacks. Cybersecurity experts recommend stronger login protection when available. (Anna Barclay/Getty Images)

Sign up for my FREE CyberGuy Report

  • Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
  • For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com trusted by millions who watch CyberGuy on TV daily.
  • Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

What two-factor authentication actually does

Two-factor authentication, also called 2FA or multi-factor authentication, adds another step when you log in. Instead of relying only on your password, the account asks for something else to prove it is really you.

That “something else” might be a code sent by text, a code from an authenticator app, a security key or a prompt inside your bank’s mobile app. Two-factor authentication is one of the best ways to protect your accounts because it adds a second layer beyond your password. 

Advertisement

So, Kyra, if your bank already sends you a code, that is a good sign. It means some form of extra protection is turned on. But the next question is whether your bank offers a stronger option.

SIM SWAP SCAM DRAINED FLORIDA WOMAN’S BANK ACCOUNT IN MINUTES

Why text message codes are not the strongest choice

Text message codes are popular because they are easy to use. Most people know how to read a text and type in a code. That convenience comes with risk.

A SIM swap scam happens when a criminal tricks your phone carrier into moving your phone number to a device they control. Once that happens, your calls and texts may go to the scammer instead of you. The American Bankers Association warns that scammers may try to intercept two-factor authentication codes so they can access financial accounts.

Scammers can also call, text or email while pretending to be your bank. They may say there is fraud on your account and ask you to read back a code. That code may actually be the key they need to log in. Scammers often try to trick people into sharing verification codes because they need both the password and the code to break into an account.

Advertisement

BEWARE FAKE CREDIT CARD ACCOUNT RESTRICTION SCAMS

That is why the safest rule is simple: Never share a bank security code with anyone who contacts you. A real bank should not call and ask you to read back a login code.

Why an authenticator app is usually better

When your bank supports it, an authenticator app is usually a stronger choice than text messages. Apps such as Google Authenticator, Microsoft Authenticator, Authy and Duo Mobile generate a changing six-digit code on your phone.

The big advantage is that the code is created inside the app. It usually works even when you do not have cell service. It also does not depend on your phone number, which helps reduce the risk from SIM swap scams.

That said, authenticator apps are not magic. If you type a code into a fake banking website, a scammer may still capture it. One-time password authentication isn’t phishing-resistant. Still, authenticator apps remove some of the biggest weaknesses tied to text-message codes.

Advertisement

NEW PHISHING ATTACK USES REAL-TIME INTERCEPTION TO BYPASS 2FA 

Two-factor authentication adds a second layer of protection to online banking accounts, but not all methods offer the same level of security. Authenticator apps and passkeys are generally safer than text codes. (Kyle Ericksen/WWD/Penske Media via Getty Images)

The strongest option, if your bank offers it

Some banks and financial services give you stronger ways to prove it is really you when you log in. Two of the strongest options are hardware security keys and passkeys.

A hardware security key is a small physical device, often shaped like a USB stick, that you plug into your computer or tap against your phone to approve a login.

A passkey lets you sign in using your device, such as your phone or computer, often with Face ID, Touch ID, a fingerprint or a screen lock.

Advertisement

These options are harder for scammers to steal because they are designed to work only with the real website or app. That means a fake banking website usually cannot trick them the same way it can trick someone into typing in a text code.

For most people, the safest order is simple: use a security key or passkey if your bank supports it. If not, use an authenticator app. If text codes are the only option, keep them turned on because they are still better than using only a password.

How to check your bank’s security settings

You may not need to visit a branch. In most cases, you can check this from your bank’s official website or app.

Start from a computer if you can. Go directly to your bank’s official website by typing the web address yourself. Do not click a link from a text or email, even if it looks real.

Then look for a section with a name like:

Advertisement
  • Security
  • Login & Security
  • Privacy & Security
  • Two-Factor Authentication
  • Multi-Factor Authentication
  • 2-Step Verification

Once you are there, look for an option called Authenticator app. Some banks may use different wording, such as authentication app, one-time passcode app, TOTP, security app or third-party authenticator. If you see that option, follow the setup steps. Your bank will usually show a QR code on your computer screen. Open your authenticator app on your phone, tap Add account or the + button, then scan the QR code. The app will generate a six-digit code. Enter that code on your bank’s website to confirm setup.

Do not skip the backup codes

This part matters more than people realize. If your bank gives you backup codes, save them right away. Print them and store them somewhere safe, or place them in a secure password manager. These codes can help you get back into your account if your phone gets lost, damaged or replaced.

Also, make sure your bank has your current email address and phone number on file. If your recovery information is old, getting back into your account can become much harder.

If you share access with a spouse or trusted family member, ask your bank how additional users should set up their own secure login. Avoid sharing one password or one authenticator code when the bank offers separate user access.

What to do if your bank only offers text codes

Some banks may not offer a third-party authenticator app, but may let you approve logins inside the bank’s own mobile app. That can be stronger than a text message because the approval happens inside the banking app rather than through your phone number.

AMERICA’S MOST-USED PASSWORD IN 2025 REVEALED

Advertisement

If yours only offers text-message codes, do not turn them off. Text codes are still better than no second layer at all. However, you should ask your bank whether it supports a stronger option. You can call the number on the back of your debit or credit card, use secure messaging inside the bank’s app or visit a branch.

Ask this: “Do you support authenticator apps, passkeys, hardware security keys or app-based login approval for online banking?”

If the answer is no, keep text codes turned on. Then strengthen the parts you can control. Use a strong and unique bank password, and store it in a trusted password manager so you do not have to remember it or reuse it anywhere else. Check out the best expert-reviewed password managers of 2026 at CyberGuy.com.

In addition, ask your mobile carrier to add a port-out PIN, number transfer lock or account security PIN to help reduce SIM swap risk. Also, turn on account alerts for transfers, password changes and new device logins.

 HOW SIM SWAPPING LED TO A $1.8M CYBER FRAUD CASE

Advertisement

Security experts warn that scammers can intercept text verification codes or trick customers into sharing them. Customers should never provide login codes to unsolicited callers or texts. (Karl-Josef Hildenbrand/picture alliance via Getty Images)

Should Kyra contact her bank?

Yes, but she probably does not need to walk into a branch unless she prefers in-person help. Kyra should first log in to her bank’s official website or app and check the security settings. If she sees an authenticator app, passkey, security key or app-based approval option, she should consider using it. If she only sees text or email codes, she should keep them turned on and contact the bank to ask whether stronger login options are available.

She should also make sure her bank password is strong and unique, protect her email account with strong two-factor authentication and confirm that her account alerts are turned on.

WORLD PASSWORD DAY: CHECK IF YOUR PASSWORDS ARE SAFE

Kurt’s key takeaways

Kyra’s question gets to the heart of account security. Seeing a code arrive by text or email can feel reassuring. And yes, it is better than relying on a password alone. However, bank accounts deserve the strongest protection your bank offers. If you can move from text codes to an authenticator app, that is a smart upgrade. If your bank supports a passkey or security key, even better. And no matter which method you use, never give a security code to someone who calls, texts or emails you out of the blue.

Advertisement

Have you checked whether your bank still relies on text codes, and would you switch banks if yours refused to offer stronger login protection? Let us know by writing to us at CyberGuy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report

  • Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
  • For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com trusted by millions who watch CyberGuy on TV daily.
  • Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

Copyright 2026 CyberGuy.com. All rights reserved.

Technology

Meta is reportedly working on smart glasses that would be recording all the time

Published

on

Meta is reportedly working on smart glasses that would be recording all the time

Meta might be the next company to make an always-on AI wearable. The company is working on prototype “super sensing” always-aware smart glasses that could continuously record audio and snap photos “every few seconds,” according to the Financial Times. The wearer could then ask Meta AI about the captured audio and images.

However, the images and audio might not be directly available to the user. Here’s how the FT describes one way the glasses could use the data:

In one proposed system, raw footage and audio would not be stored by Meta or made available to the user, several people said. Instead, the metadata from that audio and images would be extracted and uploaded to the server for Meta’s AI to query, which proponents argue would have fewer privacy implications.

But currently, Meta is planning for the LED recording indicator to remain off in “super sensing” mode, the FT reports. In a July 2025 whitepaper, the company said that it would reserve the LED indicator for “active capture” scenarios where the user is saving photos or videos, and leave it off during “AI Feature” use — such as scanning a menu — to avoid users becoming too used to the indicator. (If the indicator was on during the “super sensing” mode, it might also be harder to know when the glasses are actually recording video.)

Meta is also discussing if it would use the captured data for training its AI models. It may also bring the “super sensing” features to glasses it has already released, the FT says.

“While we don’t comment on internal prototypes, we’re committed to getting our glasses right because they need to be loved by both people wearing them and those around them,” Meta spokesperson Dave Arnold says in a statement to The Verge. Arnold also notes that “Our approach has been to develop new technologies that will help people throughout their day, with privacy built in from the ground up.”

Advertisement

Meta hasn’t been shy about some type of always-aware glasses being a possibility. CEO Mark Zuckerberg, in the company’s Q1 2026 earnings call, said that he was “really excited to see the glasses evolve from being able to answer questions to being able to be a personal agent that’s with you all day long, helping you remember things and achieve your goals.” In a March blog post about new Ray-Ban Meta glasses, the company wrote that “with ongoing software updates, Meta AI on glasses will transition from something you have to prompt with a question each time, to a more continuous, in-the-moment assistant that can help throughout the day.”

Continue Reading

Technology

Get a $30 credit when you reserve Samsung’s upcoming Galaxy phones

Published

on

Get a  credit when you reserve Samsung’s upcoming Galaxy phones

Even though they haven’t been officially announced yet, Samsung is giving you a chance to save some cash when you preorder what we’re expecting to be the brand’s updated Galaxy Z Fold phones. The next Galaxy Unpacked event will take place on July 22nd, 2026, and features the tagline “A new shape unfolds.” In addition to seeing updated versions of the existing Flip and Fold form factors, we anticipate the debut of a new, wider foldable phone. If you register your interest ahead of time and end up preordering one of the new phones shortly after they’re announced, Samsung will give you a $30 store credit at checkout.

There are some caveats to this offer. You have to use the credit when you preorder the phone. No saving it for later. Also, the credit can’t be applied to the cost of the phone either, so you’ll have to put it towards the cost of accessories or extra services. Samsung specifically calls out that select Galaxy rings, earbuds, watches, and tablets are eligible, or you can use it to help pay for Samsung Care Plus.

There are no downsides to registering your interest, so if you think you might be interested in buying one of the upcoming phones, it’s worth filling out the form. As long as you use the same email during checkout, the credit will be automatically applied.

Continue Reading

Technology

Apple AI security update proves hackers move fast

Published

on

Apple AI security update proves hackers move fast

NEWYou can now listen to Fox News articles!

A security update rarely feels dramatic. You see the alert, promise yourself you will install it later and then go right back to whatever you were doing. This time, Apple is giving you a stronger reason to pay attention.

Advertisement

Apple released iOS 26.5.2, iPadOS 26.5.2 and macOS Tahoe 26.5.2 on June 29, 2026. The updates include security fixes for vulnerabilities tied to the kernel, WebKit and WebRTC. Apple says these fixes were first made available through the iOS 26.6, iPadOS 26.6 and macOS Tahoe 26.6 betas before being pushed out early to everyone.

That is the part that should make you pause. Apple usually rolls many security fixes into larger software updates. This time, the company moved faster.

AI IS NOW POWERING CYBERATTACKS, MICROSOFT WARNS

Apple pushed out security fixes early because AI can help hackers study software flaws faster. (Nikolas Kokovlis/NurPhoto via Getty Images)

Sign up for my FREE CyberGuy Report

Advertisement
  • Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
  • For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
  • Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

Why Apple released this AI security update early

Apple reportedly accelerated the updates because artificial intelligence can help speed the creation of malicious hacking tools. Once a fix appears in a beta, attackers may be able to study it, reverse-engineer the weakness and move faster than before.

Apple said there was no evidence that the newly patched vulnerabilities had been exploited. Still, the company wanted to shrink the time between when fixes were first visible and when they reached your devices.

That is a major shift. It suggests Apple sees AI as a force that changes the timing of security. A flaw that once gave defenders more breathing room may now become a race.

What Apple fixed in iOS 26.5.2

Apple’s iOS 26.5.2 and iPadOS 26.5.2 notes list fixes for iPhone 11 and later, along with several supported iPad models. The security content includes kernel vulnerabilities that could let an app crash the system, corrupt kernel memory or leak sensitive kernel state.

The update also fixes multiple WebKit issues. WebKit powers Safari and web content inside many apps. Some of these flaws involved malicious web content that could lead to crashes, memory corruption, data leaks or sandbox escapes.

Apple also fixed WebRTC issues that could be triggered by malicious web content and lead to Safari or process crashes.

Advertisement

For Mac, Apple lists macOS Tahoe 26.5.2 as the current release. If your Mac runs macOS Sonoma or macOS Sequoia, Apple also lists Safari 26.5.2 as a June 29, 2026, security release.

A woman uses a smartphone outside an Apple Store on June 20, 2026, in Shenzhen, Guangdong Province, China. (Cheng Xin/Getty Images)

Why AI hacking tools change the security race

AI can help legitimate researchers find bugs faster. That is good when the work leads to stronger software and responsible disclosure. However, the same general capability can also help bad actors move faster. A criminal does not need to understand every line of code if an AI tool can help summarize a patch, compare software changes or suggest where a weakness may be hiding.

That is why Apple’s move is important. It shows that big tech companies may need to release security fixes sooner and more often, even when those updates do not include flashy new features. The wider AI world adds pressure here. Frontier AI companies have released or tested systems with stronger coding and cybersecurity capabilities. Some models are available only through limited previews, approved access or extra safeguards because of their potential cyber use.

Similar efforts are also emerging outside the United States. Several international AI labs and security companies now promote models designed to find vulnerabilities, analyze code and assist cyber defense. The takeaway for you isn’t that AI is automatically bad. The real point is speed. Security teams, attackers and AI tools are now moving on a shorter clock.

Advertisement

How to update your iPhone or iPad

Before you update, plug in your device and connect to Wi-Fi. You may also want to back up your iPhone or iPad first.

Then do this: Open Settings > General > Software Update > Download and Install.

After the update finishes, go back to Settings > General > Software Update > Automatic Updates. Make sure automatic updates are turned on. Apple also lets your device automatically install system file updates that improve security without changing the full software version. If you do not see the update right away, check again later. Apple releases updates in stages, and your device also needs enough battery and storage.

How to update your Mac

On a Mac, start with a backup. Then click the Apple menu > System Settings > General > Software Update . Choose Update Now if macOS Tahoe 26.5.2 appears.

Next, check your background update settings. On macOS Tahoe 26 or later, go to Apple menu > System Settings > General > Software Update . Click the More Info button next to Automatic Updates and make sure Install system data files and security updates is turned on.

Advertisement

If your Mac runs Sonoma or Sequoia, look for Safari 26.5.2 in Software Update as well. That Safari update may be the protection your Mac needs if you are not on Tahoe.

BEWARE OF HACKERS SHOWING UP PRETENDING TO BE IT

What this Apple security update means to you

You may see more security updates that feel sudden or small. That can be annoying, especially when you are busy or your device needs to restart.

Still, these updates are becoming more important. Apple is reacting to a world where AI can help shorten the time between a public fix and a possible attack.

So, when your iPhone, iPad or Mac asks you to update, do not treat it like background noise. The update may be closing a door someone else is already trying to find.

Advertisement

Updating your iPhone, iPad and Mac helps close security holes before attackers get more time to exploit them. (Katharina Kausche/picture alliance via Getty Images)

How to stay safe after the Apple security update

Installing the Apple AI security update is the best first move. After that, tighten a few habits that make attacks harder.

1) Keep your apps updated

Your operating system is only part of the security picture. Outdated apps can still create risk, especially if they handle messages, web links, photos, files or account logins. Open the App Store and install available updates regularly.

2) Watch out for suspicious links

Be careful with links in texts, emails and social media messages. WebKit and browser flaws are a reminder that malicious web content can be part of an attack. When in doubt, open the official app or website yourself instead of tapping a link.

3) Use strong passwords and two-factor authentication

Use strong, unique passwords for every account and store them in a password manager. Then turn on two-factor authentication (2FA) wherever possible. If one password gets exposed, you do not want it opening the door to your email, bank or Apple account.

Advertisement

4) Use strong antivirus protection

Use strong antivirus protection on your Mac and other connected devices. It can help catch malicious files, phishing attempts and suspicious activity before they do damage. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at CyberGuy.com.

5) Back up your data regularly

Back up your iPhone, iPad and Mac before problems hit. A recent backup can help you recover faster if an update fails, your device gets stolen or malware locks you out of important files. CyberGuy’s guide to backing up your devices walks you through ways to protect your files using cloud storage, an external drive or both.

6) Use a personal data removal service

Use a personal data removal service to reduce how much of your personal information is floating around online. Data brokers and people-search sites can expose your name, address, phone number and relatives. Scammers can use those details to make phishing messages feel more believable. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com.

Kurt’s key takeaways

Apple’s early security release shows how fast the cyber threat landscape is changing. The company says there is no evidence these newly patched flaws were exploited, but it still moved the fixes out before the wider 26.6 release. That tells me the old habit of waiting weeks to update is getting riskier. AI can help defenders, but it can also help criminals study weaknesses faster. My advice is direct: update your Apple devices now, turn on automatic security updates and stop putting off patches that protect the phone and computer you use every day.

Do you think AI will make your devices safer because companies can find flaws faster, or more vulnerable because hackers can move faster too? Let us know by writing to us at CyberGuy.com.

Advertisement

Automatic updates, strong passwords and a personal data removal service can make you a harder target after the update. (Silas Stein/picture alliance via Getty Images)

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report

  • Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
  • For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
  • Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

Copyright 2026 CyberGuy.com. All rights reserved.

Continue Reading
Advertisement

Trending