14 DAY TRIAL // SMS-based phishing attacks are nothing new. In used since the mid-90s, the techniques have been enhanced with the launch of smartphones. In their most recent incarnation, AKA Smishing, the attacks are being carried out on a scale never seen before.
Previously, Smishing attacks were mostly used in a manner like email phishing attacks, impersonating established personal or business contacts to obtain credentials and other victim information. However, with the increase in work-from-home opportunities and the usage of mobile devices for both work and personal purposes, threat actors are concentrating on producing more persuasive phishing messages.
According to Cyberint security company, one of the most prominent recent ads took advantage of the huge rise in online shopping by impersonating retailers and shipping firms under the umbrella of package delivery for online purchases.
In this campaign retailer brand names are being used to enhance credibility while taking advantage of the customer's lack of awareness about the chain of delivery. This can result in the leakage of passwords, payment information, and/or personally identifiable information (PII), either by redirection to a phishing site or by credential-grabbing malware infecting the mobile device.
Means of SMS Delivery
Since retail consumers receive deliveries on a regular, if not daily, basis, many have begun to dismiss package delivery alerts as white noise and, as a result, have lowered their guard. This is precisely what threat actors are hoping for. In one campaign, for example, targeted customers were sent SMS messages alleging they owed a customs fee needed to release a delivery.
Most of the messages observed in the recent campaign directed consumers to bogus websites that requested personal and payment information. At the same time, they urged them to update their Chrome software, which installs malware. If installed, it secretly sends 2,000 SMS messages every week from infected smartphones without the user's knowledge. The messages contain similar phishing content that can help perpetuate and expand the campaign.
Threat actors use a variety of methods to conceal their activities. It is worth noting that if the malicious app is detected by antivirus software, the threat actors repackaged the file with a new signature.
Recommendations
As with many forms of cybercrime, an effective technology-based approach also has a substantial impact on both users and businesses, and therefore may not be a feasible choice. This is particularly true for Smishing attacks due to the widespread use of SMSs in our everyday lives.
As a result, the only coping strategy for this issue is to educate consumers about the delivery chain your business uses. It is recommended to add information about your shipping policies and partners, as well as the various key red flags your customers should be aware of in the email the customer receives upon purchase.