Cell phone users targeted by 'SMiShing'

Share this article:

Cell phone users are the target of a newly discovered phishing attack, which McAfee's Avert Labs has dubbed "SMiShing."

Affected users receive short message service (SMS) text messages alerting them of impending fee charges for a dating service.

If victims go to the URL promoted in the malicious text message with a PC or mobile, they are prompted to download a trojan that turns the PC into a zombie.

Unknowing users, fearful of running up hefty phone bills, could be scared into visiting the malicious site, according to the posting on the McAfee Avert Labs blog by David Rayhawk, mobile threat researcher.

Although such attacks are nuisance for mobile users now, they could become a substantial threat for enterprises, McAfee warned.

Rayhawk said today that SMS messages are, in some ways, more likely to attract users to a malicious site than email.

"Direct access, is, in a way, a little worse than email because you're a lot more likely to get a live person on the other end," he said. "I think the important think to get across is that users can't think of their phones as just being phones. They're going to have to start treating them as miniature PCs. Unfortunately, that means we're going to have to be paranoid."

Click here to email online editor Frank Washkuch Jr.

Share this article:

Sign up to our newsletters

More in News

In Cisco probe, misuse or compromise spotted on all firms' networks

In Cisco probe, misuse or compromise spotted on ...

Cisco analyzed the business networks of 30 multinational companies last year, and revealed the findings in its 2014 Annual Security Report.

Fareit trojan observed spreading Necurs, Zbot and CryptoLocker

The Necurs and Zbot trojans, as well as CryptoLocker ransomware, has been observed by researchers as being spread through another trojan, known as Fareit.

Post Heartbleed, tech giants join initiative to bolster open source

Post Heartbleed, tech giants join initiative to bolster ...

The newly formed Core Infrastructure Initiative, created to boost under-funded open source projects, will tackle OpenSSL first.