Phishers reach cell phones

Have you ever been SMiShed? That's not as personal a question as it may sound to the uninitiated, but it does relate to protecting your personal data.

SMiShing, a term coined by researchers for the McAfee security software firm, describes a form of phishing in which the bad guys send an SMS (short message service) message to a person's mobile phone. The first such messages purported to come from dating-service Web sites. Victims would receive a message announcing that the site intended to charge them US$2 a day unless they visited the URL listed in the message and followed the steps outlined there to unsubscribe from the service. Upon browsing to the URL (via computer), victims would get hit with drive-by downloads that installed Trojan horse software that subsequently would steal passwords and do other nasty things to the victims' PC.

I can see how this kind of attack might succeed. Many people don't have the same level of suspicion about text messages that they do about spam or instant messages on a PC. On top of that, every cell phone user I know is wary of being "slammed" with charges for premium-rate services on their mobile phone bill.

Worms that infect PCs have begun to add SMiShing attacks to their menu of malicious activities as well. The VBS/Eliles worm, for instance, infects Windows PCs by opening a back door and giving the perpetrator remote access to the computer. It also launches SMiShing attacks by sending messages to cell phone customers. This particular worm targets the e-mail-SMS gateway at two mobile phone companies in Spain. Fortunately, the worm's creators weren't very sophisticated--most antivirus programs will detect the Eliles worm and delete it before it can cause trouble.

It's impossible for a company to add charges to your bill, unless you knowingly signed up for its service and provided a cell phone number so it could send you messages. So if you get a SMiShing-style SMS message and don't remember signing up for anything, just delete the message and ignore the instructions. The scam works because people visit the Web page without thinking twice about it.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Andrew Brandt

PC World

Comments

Comments are now closed.

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?