Cyber Threat Intelligence Report Highlights Smishing

Smishing, a cyberattack strategy that combines SMS (short message service, also known as text messages) and phishing, has been revealed as a new and sophisticated mechanism to obtain personal and financial information from victims, through false forms on fraudulent sites.

A wave of VexTrio attacks using dictionary domain generation algorithm (DDGA) has infected numerous websites built on WordPress, which in turn infect visitors to those sites with malware or spyware by executing Javascript code.

Infoblox Inc., a leader in secure and cloud-managed network services, has published a new edition of the company’s Quarterly Cyber Threat Intelligence Report, a security intelligence report that compiles the main threats and security breaches detected during the previous three months on a quarterly basis worldwide. Among the main conclusions of this report, which covers the months of April to June 2022, are:

Smishing – a strategy that combines SMS and phishing

Smishing messages are sent by bad actors to get victims to reveal private information, including passwords, identity and financial data. The messages typically include some incentive for the recipient to click a link, which may be for a site that hosts malware or a page that attempts to convince the user to submit data through a form.

Actors have regularly used spoofed sender numbers in the text messages to evade spam filters. However, those messages that are not automatically detected by the mobile provider can be stopped by blocking the sender’s phone number. In response, threat actors continue to evolve their own techniques. In a well-known version of mobile phone spoofing, a recipient receives a text or phone call from someone who appears to be in the area close to the recipient. Users are hesitant to block local phone numbers for fear it would also block legitimate phone calls and messages.

Spoofing the recipient’s phone number is another advance by actors to overcome spam filtering and blocking and to convince users to click on the embedded links in the messages.

Prevention and Mitigation

Smishing messages are a common method for sending phishing links. Infoblox recommends the following precautions for avoiding smishing attacks:

  • Always be suspicious of unexpected text messages, especially those that appear to contain financial or delivery correspondences, documents or links.
  • Never click URLs in text messages from unknown sources. In the campaign under discussion, the source was the recipient, who did not send the message, and that is a red flag.

To read more news and exclusive features see our latest issue here.

Never miss a story… Follow us on:
LinkedIn Security Buyer
Twitter logo @SecurityBuyer
Facebook @SecbuyerME

Media Contact
Rebecca Morpeth Spayne,
Editor, Security Portfolio
Tel: +44 (0) 1622 823 922
Email: [email protected]

Georgina Turner image

Georgina Turner

Sales Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

Graphic displaying a lockdown solution

Netgenium debuts next gen display and touchscreen technologies

Power-over-Ethernet (PoE) solutions specialist Netgenium will be showcasing its new range of IP…

ICT® Launches New TSL Access Reader Series

Integrated Control Technology (ICT®), a leading manufacturer of intelligent access control and…
Image Provided by Paxton

Paxton Partners with Skills for Security

The security technology manufacturer Paxton is proud to announce a partnership with Skills for Security…
Image Provided by ICT

ICT and Ingram Micro sign distribution agreement MEA

Integrated Control Technology (ICT), award-winning global manufacturer of intelligent electronic access control and security solutions..
Image Provided by Toshiba

Toshiba launches new HDD Innovation Lab

Toshiba Electronics Europe GmbH (Toshiba) has inaugurated a new HDD Innovation Laboratory (HDD Innovation Lab) at its site in Düsseldorf..
Image Provided by Verkada

Verkada Doubles Down on the Channel with Strategic New Hire

Verkada, a leader in cloud-based physical security, today announced the appointment of Micah Deriso as Head of Global Channel…
Image Provided by IPSA

IPSA Appoint Frontline Hero as Ambassador

Abdullah, the courageous security officer praised for foiling a horrific knife attack at Leicester Square, has been appointed as…
Image Provided by Codelocks

New Surface Latch from Codelocks

Codelocks is expanding its Gate Solutions by Codelocks range with the introduction of the new Codelocks’ Surface Latch…
Image provided by Genetec

Nicholas Smith to Lead Genetec UK and Ireland Operations

Genetec, provider of enterprise physical security software, announced the appointment of Nicholas Smith as its new Regional Sales Director…

News Desk

View all the latest, product, project and people news

News Desk

Click Here

Technology News

Keep up-to-date with the latest product innovation

Technology News

Click Here

Industry Sectors

Discover technology in action in all applications

Industry Sectors

Click Here

Enter The Awards

Showcase personal or organisation excellence

Advertise With Us

Reach decision makers and amplify your marketing

Advertise With Us

Click Here
Scroll to Top