SMiShing - Phishing via SMS, a real threat

McAfee Avert Labs Blog posted last friday (25th August, 2006) about a Phishing attack, that is started by an SMS on your mobile phone. This may not be a direct security threat for your Mobile phone, but a severe threat for your desktop/laptop computers and network that you are connected to.
This phenomena, which we at McAfee Avert Labs are dubbing “SMiShing” (phishing via SMS), is yet another indicator that cell phones and mobile devices are becoming increasingly used by perpetrators of malware, viruses and scams

The attack starts with an SMS on your mobile phone indicating that you have signed up for a dating service and you will be charged $2 per day unless you visit a URL and cancel your subscription. And for many this looks like a real SMS. So when you visit the URL, the website will prompt you to download an application which is a Trojan horse that makes your computer a zombie, and exposing it to hackers.

So, beware of such SMS messages. The SMS Message might look like  a message from a real Dating service or Your Ring tone service provider or any body for that matter, which you would never suspect. But when you receive such an SMS,

  • Check that URL whether that is a Phishing website or real service provider. A search in Google or security websites like McAfee with the URL might help.  

  • If you don't find any thing on Google but you are still suspicious, better not to visit the website.

  • If you are aware that your Dating service used to send SMS messages to remind you of your subscriptions, You can call up the Dating service or relevant service provider, and confirm your subscriptions just to make sure every thing is fine.

  • If your dating service never sent you SMS reminders about your subscriptions, you can fully ignore the SMS.

  • If you are in doubt, do not access the URL. 


And particularly, DO NOT ACCESS such URLs from your office network. If the hackers succeed to have you install the application on your office computer or your personal laptop accessing office internet, the consequences will be severe.

Comments

Popular posts from this blog

Newsworthy News in Red October : Dow Jones & Tax Dodgers

USCIS Selects Final H1B Petitions by Random Selection - Almost a 50% chance for each Application

H1B 2008:USCIS released Preliminary Numbers