I was in the middle of work, all of a sudden I received an SMS from Revolut. It read:
Your Revolut code:… (it will expire in 10 minutes)
First thought: sh*t somebody’s trying to hack into my Revolut account, maybe trying to buy something online with my card number (or virtual card), and is being blocked by the 2-factor authentication security. I checked and I could not recognize any unknown transaction on my account.
On second thoughts, I am using Account Aggregators, which are basically robots that connect daily through bank APIs to my bank accounts to give me a consolidated view of my accounts. Maybe something changed in Revolut’s API and now it starts to send me code when the Aggregator attempts to ping my account? This is not very likely as I never had this in the past and have been using aggregators for the last 2 years.
What could have triggered this unsolicited security code? Should I be worried?
Or is this another hacker technique sending you a code and hoping that you would react on it? (note: there is no link in the SMS to click on, just the code - this does not look like a phishing attempt).
I tried to contact Revolut support, however it said “an agent will be with you in roughly 8 minutes”… this was 8 hours ago.
[Edit] better safe than sorry, I went to the security settings of my card in the Revolut app, and turned off online transactions, and switched location security on.