Cell phone users targeted by 'SMiShing'

Share this article:

Cell phone users are the target of a newly discovered phishing attack, which McAfee's Avert Labs has dubbed "SMiShing."

Affected users receive short message service (SMS) text messages alerting them of impending fee charges for a dating service.

If victims go to the URL promoted in the malicious text message with a PC or mobile, they are prompted to download a trojan that turns the PC into a zombie.

Unknowing users, fearful of running up hefty phone bills, could be scared into visiting the malicious site, according to the posting on the McAfee Avert Labs blog by David Rayhawk, mobile threat researcher.

Although such attacks are nuisance for mobile users now, they could become a substantial threat for enterprises, McAfee warned.

Rayhawk said today that SMS messages are, in some ways, more likely to attract users to a malicious site than email.

"Direct access, is, in a way, a little worse than email because you're a lot more likely to get a live person on the other end," he said. "I think the important think to get across is that users can't think of their phones as just being phones. They're going to have to start treating them as miniature PCs. Unfortunately, that means we're going to have to be paranoid."

Click here to email online editor Frank Washkuch Jr.

Share this article:

Sign up to our newsletters

More in News

Instagram iOS and Android apps vulnerable to session hijacking

Two researchers wrote about the Instagram app for iOS and Android is vulnerable to session hijacking because both send unsecured information through HTTP.

Report: Hackers stole data from Israeli defense firms

A report by Brian Krebs detailed the intrusions, which occurred between Oct. 2011 and Aug. 2012.

Neverquest trojan targets regional banks in Japan

Symantec researchers found a new variant of the banking trojan.