Technology has evolved, but so have the attempts of hacking, “phishing” and other security breaches. Recently, Check Point Research has found a security flaw in Android phones, leaving users vulnerable to phishing attacks, according to Help Net Security.

This attack takes advantage of Android phones’ over-the-air (OTA) provisioning, which allows mobile network operators to send network specific settings to new phones joining the network. However, the Open Mobile Alliance Client Provisioning (OMA CP), which is the industry standard for OTA provisioning, has limited authentication methods. Therefore, hackers can pretend to be network operators and send false OMA CP messages to users, who are tricked into accepting malicious settings.

“A remote agent can trick users into accepting new phone settings that, for example, route all their internet traffic to steal emails through a proxy controlled by the attacker,” researchers Artyom Skrobov and Slava Makkaveev wrote for The Next Web.

According to Help Net Security, Samsung phones are the most susceptible to this phishing hack because the user only needs to accept the OMA CP and the software will be installed without the sender needing to prove their identity. In Huawei, LG and Sony phones, hackers need only the International Mobile Subscriber Identity (IMSI) of the recipient to confirm their identity. Certain Android apps can send a phone’s IMSI to attackers.

This vulnerability can be exploited as long as these phones are connected to their carrier network; Wi-Fi hotspots have not been affected in these attacks. Hackers are using GSM modems to send out phony alerts and messages.

Since these findings, Samsung released a fix addressing the phishing attempts in their Security Maintenance Release, LG included a similar fix, Huawei plans to have a UI fix for OMA CP in their next generation of phones and Sony stated that all of their phones follow the OMA CP specification. OMA is also tracking this issue.

These phishing attacks show consumers that it can go beyond just email attempts and that they should be vigilant about installing anything untrusted on mobile devices, especially links and text messages that are untrustworthy.

“Threat actors are becoming better at extracting information outside of Wi-Fi hotspots each and every single day,” Skrobov and Makkaveev said for The Next Web. “We should all be on extra alert, especially when we’re not connected to public Wi-Fi hotspots.”

Consumers can take different measures to protect themselves from phishing attempts. When it comes to suspicious emails, users can contact the company directly by using information provided on the company’s official website. People can also search for the company online, but not using any information transmitted in the suspected email.

Victims of phishing can report the attack to the correct people within an organization, watch for unauthorized changes to accounts and even report it to local police or the Federal Trade Commission.