Internet marketing resources, ecommerce web site design tutorials and  just for fun - free cell phone ringtones!
  Taming the Beast - quality web marketing and ecommerce development services

Smishing – phishing via SMS

Posted by Michael Bloch in online world (Tuesday September 5, 2006 )

Regardless of the simplistic nature of this first smishing incident, the attacks will no doubt become more refined and nastier in the future.

Smishing is certainly something to be aware of and to definitely let your kids know about if they have cell phones; even if they don’t have credit cards – especially if it’s your computer they’d access to visit the site to “unsubscribe”.

Related:

Vishing – VOIP phishing scams

Anti hacking tips for home based online business

-->

Yet another “ishing” to add to the phishing family. Supposedly smishing first started happening a couple of months ago, in South Australia of all places – I guess the phishers figured out we’re fairly simple folk (ducks West End beer bottles thrown from all directions).

How does Smishing work?

In the South Austrlalian case, cell phone users received an SMS stating that they had been subscribed to a dating site which was going to cost them a couple of bucks a day. In order to unsubscribe, they needed to visit a site. The site had malicious code embedded which infected their systems; leaving unprotected users wide open for a hacking attack.

It was rather a simplistic attack – I don’t know why the smishers didn’t also coax people to enter their credit card details or other financial information for “verification”; would have made their job somewhat easier.

I guess one of the reasons that smishing could be so successful is that people are subscribing for all sorts “free” services these days which are delivered to their cell phone. Often they are only free trials or ad supported; so an SMS message such as this would be considered more annoying and a financial issue than a potential security threat and the user easily spurred onto taking the action suggested.

Smishing is also cost effective for the perpetrators; it’s free for them to send messages using the service providers’ SMS-email gateways. In regards to targeting numbers, they just generate a series of possible combinations within the range of the provider.

I’m not very knowledgeable regarding how cell phone telecommunications networks work, but surely telcos would be able to easily detect thousands of SMS’s suddenly coming in from an unknown (most likely overseas) source; especially if some of those SMS’es began the equivalent of “bouncing” i.e, being sent to numbers not issued and not in service?

Regardless of the simplistic nature of this first smishing incident, the attacks will no doubt become more refined and nastier in the future.

Smishing is certainly something to be aware of and to definitely let your kids know about if they have cell phones; even if they don’t have credit cards – especially if it’s your computer they’d access to visit the site to “unsubscribe”.

Related:

Vishing – VOIP phishing scams

Anti hacking tips for home based online business



 

 
Comments for Smishing – phishing via SMS

No comments yet.

Sorry, the comment form is closed at this time.