SMS in unencrypted, and Google SE has been compromised for much if not all of 2022. From what I can tell the issue persists. I officially reported it in December, and again in January, and again in February. Pretty wild, TBH. Think about the number of services that have Google SE and Ads integration. Makes me nauseous.
Did you happen to report to Apple and Google (for documentation)?
Ways which I shared with Google, because it's a very serious privacy and security vulnerability.
We need more robust security integration to catch things before they are pushed to results. I understand latency will increase, and some ads revenue will decrease. But like, isn't it also cool to have a customer base that is better protected against egregious attacks, attacks that could be prevented? IMO, yes. It's called "stewardship."
Did you happen to report to Apple and Google (for documentation)?