Smishing Surge: Tactics, Threats, and 'The Com'


Recently, we have observed that enterprises face a persistent threat from social engineering tactics aimed at acquiring login credentials for crucial systems like Identity and Access Management (IAM), cloud resources, and Single Sign-On (SSO) platforms. A successful breach through these entry points can lead to widespread access within an organization, paving the way for data theft and ransomware attacks.

In 2024, there has been a notable surge in phishing attempts conducted over Short Message Service (SMS), commonly known as smishing. Attackers capitalize on the ease and directness of SMS communication to deceive targets into revealing sensitive information. 

Do you know what tactics cybercriminals employ to steal sensitive data through smishing? Let's look at them.

The first is malware distribution. Through smishing, attackers lure victims into clicking on URLs that lead to the download of malware, or malicious software, onto their devices. This malware often disguises itself as a legitimate application, deceiving users into entering confidential information. Once installed, the malware can intercept this data and transmit it to the cybercriminals, compromising the victim's security.

The second is the creation of malicious websites, a tactic that involves directing victims to fake websites via smishing messages. These malicious websites are meticulously crafted to resemble legitimate platforms, enticing users to enter sensitive personal information. Cybercriminals use these custom-made sites to harvest data, capitalizing on the trust users place in recognizable interfaces.

Additionally, an attacker or a group of malicious actors often establishes deceptive domains mimicking legitimate platforms, such as a company's HR system. This tactic adds an air of authenticity to their phishing attempts, increasing the likelihood of success.
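A defender-side check for the deceptive domains described above, as an added example that is not part of the original post: it pulls hostnames out of SMS text and flags those that imitate the company's own domain. The domain example-corp.com, the brand string and the sample messages are constructed assumptions.

```python
import re

# Assumptions (constructed): the company's real domain and the brand string attackers embed.
LEGIT_DOMAINS = {"example-corp.com"}
BRAND_TOKENS = {"examplecorp"}

HOST_RE = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

def edit_distance(a, b):
    """Levenshtein distance using a rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def registered_domain(host):
    """Naive last-two-labels split; real deployments need the Public Suffix List."""
    return ".".join(host.lower().split(".")[-2:])

def classify_host(host):
    reg = registered_domain(host)
    if reg in LEGIT_DOMAINS:
        return "legitimate"
    # Typosquat: registered domain within two edits of a real one.
    if any(edit_distance(reg, d) <= 2 for d in LEGIT_DOMAINS):
        return "lookalike"
    # Combosquat or subdomain trick: brand string inside a host the company does not own.
    flat = host.lower().replace("-", "")
    if any(tok in flat for tok in BRAND_TOKENS):
        return "lookalike"
    return "unknown"

def scan_sms(text):
    """Return (host, verdict) for every hostname found in an SMS body."""
    return [(m.group(1).lower(), classify_host(m.group(1))) for m in HOST_RE.finditer(text)]

# Constructed sample messages, not real traffic.
SAMPLE_SMS = [
    "ExampleCorp HR: benefits enrollment closes today, sign in at https://examplecorp-hr.com/login",
    "IT notice: re-verify your SSO session at exarnple-corp.com/sso",
    "Payroll portal has moved to https://sso.example-corp.com/payroll",
    "Security alert, confirm at https://example-corp.com.verify-login.net/",
]

if __name__ == "__main__":
    print([scan_sms(sms) for sms in SAMPLE_SMS])
```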

Do we know what group is behind this? Yes.

The perpetrators behind these attacks are a diverse group of threat actors collectively known as "The Com" or "The Community." This is an umbrella term covering attackers, the majority of them young, operating across Canada, the U.S., and the U.K. The group also engages in various cybercriminal activities, including SIM swapping, cryptocurrency theft, swatting, commissioning real-life violence, and corporate intrusions.

"The Com" has also been identified as the source of several high-profile breaches in recent years. This online community overlaps with other research clusters and intrusion groups like Scattered Spider, Muddled Libra, UNC3944, and Octo Tempest.

Telecom Giant Optus Suffers Data Breach, Leaking Info of Million Customers


Millions of customers suffer a data leak

Optus, an Australian telecom giant, confirmed earlier this week that around 2.1 million of its present and past customers had their personal details and at least one type of identification number leaked as a consequence of a data breach that happened late in September.

Others believe that the Optus data breach has exposed the personal information of around 10 million people. Cybercrime in Australia has always been a pressing issue; it costs the country a minimum of $10 million per year, and the figures can only go up.

Because hyper-personal information such as date of birth, driving license, passport, and residential address has been exposed, threat actors will misuse it to apply for credit on your behalf without you knowing about it.

What do criminals do with stolen data?

If cybercriminals find an agency willing to give credit, they will immediately spend it, resulting in a loan default. That puts a black mark against your name, and you won't even know about it until the next time you need credit for yourself.

Optus said that it has contacted Deloitte for assistance and will conduct an external forensic inquiry into the breach to learn how the incident happened and what preventive measures Optus can take to stop it from happening again.

Singtel, a telecommunications conglomerate in Singapore, is the parent company of Optus. It also holds a stake in Bharti Airtel, the second largest telecommunications carrier in India. Singtel said on its website:

"Approximately 1.2 million customers have had at least one number from a current and valid form of identification, and personal information, compromised."

What kind of information was leaked?

Singtel also said that the leak has impacted expired IDs and personal info of around 900,000 additional customers, stressing that leaked data doesn't include valid or current document ID numbers for around 7.7 million customers. Customers are advised to stay vigilant about possible smishing and phishing attacks. 

For the customers most affected by the Optus incident, state law enforcement agencies and Australian police are working together on "Operation Guardian" to help secure the identities of the impacted customers.

The next step for Optus

Optus has informed the affected customers that their personal information, including Medicare IDs, has been compromised in the breach. On 28 September, Optus disclosed that out of 9.8 million customer records leaked, the leak involved around 14,900 working Medicare IDs and 22,000 expired Medicare card numbers.

The data leak incident surfaced on September 22, involving a threat actor gaining unauthorized access to customer details. The criminals used the alias "optusdata" and leaked a small sample of the stolen data covering 10,200 users, demanding that Optus pay a ransom of $1 million to stop more leaks.

It raises a question for you: why can't I control my own identity? The answer is that you can, by limiting how and where you share your information.

However, the Optus data leak has made us all doubt whether we can trust any organization.

FCC Alerts American Users About Rising Smishing Attacks

Smishing attacks and their impact

The FCC (Federal Communications Commission) raised an alert to warn Americans about the increasing danger of smishing (robotext) attacks that aim to steal personal information or are used in financial scams. The FCC says that its Robocall Response Team is alerting consumers to the rising threat of robotexts.

Substantial increases in consumer complaints to the FCC, reports by non-government robocall and robotext blocking services, and anecdotal and news reporting make it clear that text messages are increasingly being used by scammers to target American consumers.

How are Smishing attacks carried out?

Hackers use various tricks to lure victims into giving out their personal information or sending the hacker money. Sometimes the hackers send SMS messages containing false but realistic-looking information about unpaid bills, order delivery status, bank account issues, etc.

According to the FCC, "consumers who have filed complaints with the FCC say some of the texts resemble email spam, with links to unwanted and unsolicited products. But many of the texts appear to be ploys to steal valuable personal or financial information."

In a few cases, the data collected from these smishing campaigns is used later for other malicious purposes. The alert warns American users not to respond to these texts or open any links in them. The warning came out after various users registered complaints about unwanted SMS, which in recent times have increased from 5,700 in 2019, 14,000 in 2020, 15,300 in 2021, to 8,500 by June 2020.

How to protect yourself against smishing attacks, according to the FCC:

  • Avoid responding to malicious texts; don't reply "STOP" even if the SMS offers it as a way to stop receiving messages.
  • Never click on links.
  • Never give out information, either through SMS or a website.
  • File a complaint if you receive a suspicious text.
  • Delete all suspicious SMS.
  • Keep your device and OS updated.
  • Use antivirus software if needed.
  • Review company policies on opting out of text alerts and on sharing your information.

If you think you've been hit by a smishing attack, contact your local law enforcement agency ASAP and inform the wireless service providers and your banks.

What are Smishing Attacks? How to Prevent Them?

Smishing is a cyber attack that uses SMS text messages to trick its victims into giving sensitive data to a cybercriminal. Sensitive data includes your account name and password, name, bank account, or credit card numbers. The cybercriminal may also embed a short URL in the text message, inviting the recipient to tap the link, which in most cases redirects to a malicious site. Smishing is related to two other cyber attacks, phishing and vishing.

Cybercriminals today are primarily motivated by financial gain. They create code intended to steal your sensitive data for profit. Once they acquire this information, they may try to sell your compromised credit card or credentials on the dark web. They may also use sensitive information to open an account in your name or hold your information for ransom in exchange for a large pay-out.

Back in May 2018, Fifth Third Bank customers were the targets of a smishing attack. The attackers claimed to represent Fifth Third Bank and devised a plan to warn customers that their accounts were locked. In the body of the text message, they gave customers a link to unlock their accounts. The link took the unsuspecting customer to a fake webpage that looked like Fifth Third's genuine site. The phishing site prompted visitors to enter their user name and password, one-time code, and PIN codes to unlock their account. The cybercriminals then used the stolen account data to withdraw almost $68,000 from 17 ATMs across three states.

Some of the ways to prevent smishing attacks are: 

• Do not respond to text messages that ask for private or financial data from you.

• If you get a message that appears to be from your bank, financial institution, or another entity that you do business with, contact that business directly to find out whether they sent you a genuine request. Review this entity's policy on sending text messages to customers.

• If a text message is urging you to act or respond quickly, pause and consider the big picture. Remember that criminals use this as a tactic to get you to do what they want.

• Never reply to a suspicious text message without doing your research and checking the source.

Android Banking malware spreads via Smishing (SMS phishing)

A new Android banking trojan spotted in the wild, which replaces legitimate South Korean banking Android apps, spreads via SMS phishing attacks, reports McAfee Labs.

South Korean bank users are being targeted with a fake message that purportedly comes from the Financial Services Commission. The message asks users to install new anti-malware protection.

An unwitting user who follows the link provided in the SMS and installs the app puts himself at risk. The malware app silently attempts to uninstall the legitimate South Korean banking apps. However, the malware is able to uninstall the apps only if the device is rooted.

If the device is not rooted, the malware asks users to uninstall the legitimate app and urges them to install another app with the same icon but with suspicious permission requests.

The trojan then asks users to enter banking credentials such as account number, password, Internet banking ID, and social security number. The collected information is later sent to a remote server.

"McAfee Mobile Security detects this threat as Android/FakeBankDropper.A and Android/FakeBank.A and alerts mobile users if it is present".

SMiShing: SMS Phishing tricks victims into providing Bank details

SMS phishing attacks (smishing) increased 913% during the first week of September, making SMS phishing currently the single largest SMS text messaging threat.

According to a Cloudmark report, the victims are being scammed with the following text: " Fwd:Good Afternoon .Attention Required Call.(xxx)xxxxxxx". Victims are instructed to call various phone numbers.

According to the report, there are more than 500 different text messages used in the phishing campaign.

If the recipient calls the provided number, an automated message asks for the sensitive credentials that can be used for bank and credit card fraud.

"Victims who fall for the phishing scam and divulge their credentials risk being subjected to bank account theft, credit card fraud, and even outright identity theft," the Cloudmark blog post reads. "Stolen information can even be used in social engineering scams to elicit further information from unrelated accounts."

If you get this type of phishing SMS, you can forward the text to short code 7726 to notify your carrier and to facilitate resolution.