Cell phone users targeted by 'SMiShing'

Share this article:

Cell phone users are the target of a newly discovered phishing attack, which McAfee's Avert Labs has dubbed "SMiShing."

Affected users receive short message service (SMS) text messages alerting them of impending fee charges for a dating service.

If victims go to the URL promoted in the malicious text message with a PC or mobile, they are prompted to download a trojan that turns the PC into a zombie.

Unknowing users, fearful of running up hefty phone bills, could be scared into visiting the malicious site, according to the posting on the McAfee Avert Labs blog by David Rayhawk, mobile threat researcher.

Although such attacks are nuisance for mobile users now, they could become a substantial threat for enterprises, McAfee warned.

Rayhawk said today that SMS messages are, in some ways, more likely to attract users to a malicious site than email.

"Direct access, is, in a way, a little worse than email because you're a lot more likely to get a live person on the other end," he said. "I think the important think to get across is that users can't think of their phones as just being phones. They're going to have to start treating them as miniature PCs. Unfortunately, that means we're going to have to be paranoid."

Click here to email online editor Frank Washkuch Jr.

Share this article:

Sign up to our newsletters

More in News

New backdoor 'Baccamun' spreads through ActiveX exploit

Symantec researchers revealed that the backdoor is dropped after attackers exploit a Windows ActiveX vulnerability.

Outdated browsers put U.K. users at risk of malware

A blog post on Check and Secure website said 70 percent of U.K. users haven't fully updated their internet browsers

Survey: 53 percent change privileged logins quarterly

A Lieberman Software survey highlights the issue or poor password management, even among security pros.