Hackers can fake a special kind of SMS message that usually comes from mobile operators and trick users into modifying device settings, and, as a result, re-route their email or web traffic through a malicious server.
This attack vector, discovered and detailed in a report published today by cyber-security firm Check Point, is about OMA CP instructions, also known as provisioning messages
https://www.zdnet.com/article/samsung-h ... -messages/