What Is Smishing?

Cybercriminals have created various methods to trick people into downloading viruses or malware onto their laptops, tablets, and smartphones.

The latest form is smishing, another tool used by cybercriminals to obtain personally identifiable information and steal identities by infecting your smartphone through texts or an SMS message. The software’s malicious intent comes in the form of viruses, ransomware, spyware or adware.

The term “smishing” is a mashup of SMS (short message service) and phishing, which is when fraudsters utilize malware by sending emails which mimic a trustworthy source such as credit card company, financial institution or retailer. Unsuspecting consumers mistakenly open the email and click on the links, allowing the malware to be activated.

When people click on the links, the fraudsters can trick them into sharing their password, credit card numbers or other personally identifiable information such as Social Security numbers.

Now growing in popularity, fraudsters often deploy smishing because too many people are unaware of this new type of fraud and trust text messages more than the emails they receive.

The fraudsters are following a similar strategy when it comes to phishing and rely on social engineering to get more people to give out their personal information. The smisher wants to obtain passwords, credit card information or your Social Security number to sell them on the darknet, a.k.a. the dark web.

If fraudsters are able to obtain your personal information, they can steal your identity and apply for credit cards and loans while pretending to be you, which can greatly affect your credit score.

Some smishers have deployed a tactic of telling people that if they fail to click on the link and provide their personal information, the company they’re pretending to be will start charging daily for the service. These fraudsters will attempt to fool you into thinking they are a legitimate source you would normally use or trust.

Ignore all messages that seem bizarre or are from companies where you did not sign up for text alerts.

How to Prevent Smishing

These two words will help you avoid smishing attacks: Delete and block.

Just like emails, don’t reply to texts to people who are not in your address book. There are too many incidences of fraud and the headaches of identity theft are not worth it.

When a text message or SMS comes from a number such as “8000” and does not resemble a standard phone number, skip them. Those are simply emails that are sent to a smartphone.

As more and more people share links from articles, videos or social media, it is easy to just click on a link. Skip the ones from people you do not know. If the link looks suspicious or out of character to be coming from that particular friend, ask them if they sent it.

Protecting Yourself From Identity Theft

If you communicate through your mobile device frequently or use it to watch videos or movies, consider adding a VPN to your phone. A VPN is virtual private network and prevents fraudsters from seeing your activity on the Internet.

VPNs can be used on a person’s mobile device, laptop or computer and is useful when you are accessing the Internet from a public network at an airport, retailer or hotel.

The risk of using public WiFi is high because criminals routinely intercept people’s sensitive and personal data as they are paying bills or shopping. The public networks are being watched by hackers so they can steal passwords and identities and install malware.

Adding a VPN will shield both your activity and personally identifiable information. While some VPNs are free, others can be purchased, but people should conduct due diligence before downloading one.

Since smishing is occurring more frequently, it is good practice to check your credit report on a regular basis to see if a fraudster tried to open a new credit card or another account in your name. Consumers can obtain one free credit report from Experian, Equifax and Transunion every 12 months at AnnualCreditReport.com. You can also get a free copy of your Experian credit report and dispute anything inaccurate on it here on Experian.com.

Read more »

mobile malware Daily update ⋅ March 15, 2018

	NEWS
	Cybercriminals pivot to cryptomining, fileless malware – McAfee Rappler McAfee said new ransomware grew 35%, and 2017 ended with a 59% growth of ransomware attacks year over year. While new mobile malware decreased by 35%, most notably in terms of Android screenlocking ransomware, the cybersecurity firm added new Mac OS malware samples increased 24% ... Flag as irrelevant
	APAC security chiefs expect imminent attack on critical systems ComputerWeekly.com Cyber criminals will ramp up efforts to mine cryptocurrencies, while mobile malware will rear its ugly head across the APAC region in 2018. The computer networks of two universities in Singapore were breached in April 2017 by hackers looking to steal information related to government or research. Flag as irrelevant
	Eight new cyber threat samples emerging per second Technology Decisions In 2017 total mobile malware experienced a 55% increase, while new samples declined by 3%. New malware samples increased in Q4 by 32%. The total number of malware samples grew 10% in the past four quarters. 97% of spam botnet traffic in Q4 was driven by Necurs — recent purveyor of 'lonely ... Flag as irrelevant
	Asia Pacific countries are a melting pot of cyber threats SecurityBrief NZ Asia Pacific (APAC) countries remain a popular melting pot for cyber threats of all kinds, including online banking malware, ransomware, malicious mobile app downloads and exploit kit attacks. APAC accounted for almost 40% of the 1.7 billion ransomware attacks between 2016-2017, according to ... Flag as irrelevant
	Cyberattacks to increase in 2018 on IoT and mobile devices: SonicWall Cyber Threat Report Wire19 (press release) (blog) Malware attacks increased from 7.87 billion in 2016 to 9.32 billion in 2017, while ransomware attacks decreased from 638 million to 184 million, according to SonicWall Cyber Threat Report. SonicWall, the cybersecurity solutions provider, revealed the findings, intelligence, analysis, and research about ... Flag as irrelevant
	Mobile Anti-Malware Market Analysis, Overview, Growth, Demand And Forecast Research Report ... MilTech Mobile Anti-Malware Market report provides key statistics on the market status of the Mobile Anti-MalwareManufacturers and is a valuable source of guidance and direction for companies and individuals interested in the Mobile Anti-Malware Industry. The Mobile Anti-Malware industry report firstly ... Flag as irrelevant
	Mining Malware was used by Hackers for 400,00 Computers Canadian Homesteading However, the antivirus program managed to recognize all these attempts. The miner was supposed to mine Electroneum, which is a less known coin that also uses mobile mining that is app based. Malware also generated traffic that was really suspicious, and the command and control server were ... Flag as irrelevant

Read more »

Ten Percent of Mobile Subscribers at Serious Risk of ID Theft

Data aggregated from global operators indicates 60% of suspicious domains are linked to phishing

Thursday, November 2nd, 2017

EDISON, New Jersey, Nov. 2, 2017 /PRNewswire/ Korea IT Times--

Flash Networks, the leading provider of mobile Internet optimization, security, and engagement solutions, today published new market data highlighting the vulnerability of mobile users to ID theft via phishing attacks. Alarmingly, data collected from global operators shows that more than 10% of users are exposed to phishing attempts. Mobile subscribers are being exposed to increasing risk as the volume and sophistication of attacks escalate.

Data from mobile operator deployments reveal that:

• 3% of all domains visited are classified as suspicious
• 60% of suspicious domains are linked to phishing
• The percentage of mobile users exposed to phishing attempts is increasing, with 10% of subscribers visiting suspicious domains at least once a month  
• Threats are dynamic in terms of intensity, location, and time. While massive phishing attempts may occur at one location, a dramatic shift in the target demographics of phishing attempts may be seen elsewhere at a different time.

"A single click taking an unsuspecting mobile user to a fake website can quickly lead to identity theft," said Dror Shlomo, VP Product at Flash Networks. "Through deep inspection of network traffic, xtraArmor provides subscribers with the strongest possible protection against threats such as viruses, malware, spyware, and phishing before the traffic is delivered to the subscribers' devices."

Flash Networks xtraArmor is a clientless solution for detecting and preventing threats aimed at mobile devices. xtraArmor is powered by industry-leading security technology from Symantec. Integrating seamlessly with mobile operators' networks, the virtualized solution enables operators to protect subscribers and devices from advanced phishing, viruses, malware, spyware, ransomware, and other threats. Using multi-layered detection technologies, such as advanced heuristics, machine learning, and behavior analysis, xtraArmor detects malicious traffic, generates alerts, and prevents such traffic from reaching mobile devices.

About Flash Networks 

Flash Networks is a leading provider of virtual optimization, security and engagement solutions that enable operators to improve RAN spectral efficiency, boost network speed, optimize video and web traffic, generate over-the-top revenues and secure the mobile Internet for subscribers and devices.

With offices in North America, Europe, Latin America, and Asia, Flash Networks services hundreds of millions of subscribers daily at leading global carriers. For more information, visit http://www.flashnetworks.com.

Read more »