As SA has one of the largest mobile penetration rates in the world, scammers are turning to SMS technologies to trick users, and deliver social engineering attacks.
This is the view of Dr Pieter Streicher, MD of BulkSMS, who says SMS attacks are similar to the 419-scams originating in Nigeria.
“The 419 e-mail scams generally speak of an inheritance that the sender is due, but requires a bank account in which to deposit the funds. As reward, the sender promises the bank holder a percentage of the inheritance for the use of the bank account.”
Streicher explains that, as a show of good faith, the sender asks for a deposit of a certain value to be made into another account. The scammers typically get several payments out of victims, who never receive the funds. “The more the victims give, the more they've already committed, and the more they keep giving.”
“These 419 scams are a threat,” says Chad Cleevely, SA channel manager at Symantec, “and these scammers are currently riding on the wave of publicity surrounding the World Cup.
“Research shows attackers are going directly after end-users, attempting to trick them into downloading malware or divulging sensitive information under the auspice that they are doing something perfectly innocent.”
Common tactics
Streicher states that SMS scams work in a similar way but the message is generally focused around a cash prize that asks for a deposit to release the winnings.
He says the word 'congratulations' is commonly used in fee-scam SMSes. Another identifier is the use of unprofessional e-mail addresses, where the message pretends the prize is from a known brand, but the e-mail address is from a Yahoo or Hotmail account, says Streicher.
“SMS phishing attacks are even more dangerous, as it is often a real person that asks for personally identifying details over the phone.” He gives the example of a user receiving a scam SMS alert for their Internet banking account, which could end off reading: 'If you have any enquiries, please contact (number)'.
“Users could panic if they haven't logged into their Internet banking service and immediately phone the number provided, which is when the fraud will occur.” He says once the criminals have gained Internet banking details there is nothing stopping them from accessing the online banking system and transferring money.
Be prepared
Cleevely highlights that it's the mobile device users being targeted, not necessarily vulnerabilities in the device itself.
“It is critical that mobile phone users understand that with the emergence of smartphones and other mobile devices, users have the ability to connect to mobile networks for telecommuting and access to the Internet 24/7, and in real-time. The threat remains the same as the computing environment.”
Streicher says the most effective thing a consumer can do is to educate themselves on potential scams. He provides the following tips: “Save the number of your bank on your mobile and always phone your bank to verify a potentially fraudulent SMS.”
At the network level, he says, Vodacom has been the most proactive in terms of preventing fraudulent messages originating from international networks, with MTN following suit.
“Because of the large financial risks involved, it is worthwhile for the network providers to implement solutions that would block fraudulent SMSes.” He says it's best to check with the network operator Web sites for reports on the latest SMS scams, and report abuse to wireless application service providers.
“Mobile operators can implement SMS filters which are able to recognise SMS scams and phishing attempts and block them,” adds Denis Maslennikov, senior malware analyst and mobile research group manager at Kaspersky Lab.
“Even if the scam or phishing message is sent via the Internet, it will have to proceed through the mobile operator's server and can be blocked there.”
Streicher concludes by saying: “If it sounds too good to be true, it probably is.”
Share