Cyber Threat Intelligence Report Highlights Smishing

Smishing, a cyberattack strategy that combines SMS (short message service, also known as text messages) and phishing, has been revealed as a new and sophisticated mechanism to obtain personal and financial information from victims, through false forms on fraudulent sites.

A wave of VexTrio attacks using dictionary domain generation algorithm (DDGA) has infected numerous websites built on WordPress, which in turn infect visitors to those sites with malware or spyware by executing Javascript code.

Infoblox Inc., a leader in secure and cloud-managed network services, has published a new edition of the company’s Quarterly Cyber Threat Intelligence Report, a security intelligence report that compiles the main threats and security breaches detected during the previous three months on a quarterly basis worldwide. Among the main conclusions of this report, which covers the months of April to June 2022, are:

Smishing – a strategy that combines SMS and phishing

Smishing messages are sent by bad actors to get victims to reveal private information, including passwords, identity and financial data. The messages typically include some incentive for the recipient to click a link, which may be for a site that hosts malware or a page that attempts to convince the user to submit data through a form.

Actors have regularly used spoofed sender numbers in the text messages to evade spam filters. However, those messages that are not automatically detected by the mobile provider can be stopped by blocking the sender’s phone number. In response, threat actors continue to evolve their own techniques. In a well-known version of mobile phone spoofing, a recipient receives a text or phone call from someone who appears to be in the area close to the recipient. Users are hesitant to block local phone numbers for fear it would also block legitimate phone calls and messages.

Spoofing the recipient’s phone number is another advance by actors to overcome spam filtering and blocking and to convince users to click on the embedded links in the messages.

Prevention and Mitigation

Smishing messages are a common method for sending phishing links. Infoblox recommends the following precautions for avoiding smishing attacks:

  • Always be suspicious of unexpected text messages, especially those that appear to contain financial or delivery correspondences, documents or links.
  • Never click URLs in text messages from unknown sources. In the campaign under discussion, the source was the recipient, who did not send the message, and that is a red flag.

To read more news and exclusive features see our latest issue here.

Never miss a story… Follow us on:
LinkedIn Security Buyer
Twitter logo @SecurityBuyer
Facebook @SecbuyerME

Media Contact
Rebecca Morpeth Spayne,
Editor, Security Portfolio
Tel: +44 (0) 1622 823 922
Email: [email protected]

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

Dallmeier - securitybuyer.com

Dallmeier presents the MK4 revision of the DMS 2400

With the new MK4 revision of the DMS 2400, Dallmeier introduces an even more powerful version of its proven video appliance.
security Institute - securitybuyer.com

Security Institute Announces New Directors

The Security Institute held its Annual General Meeting (AGM) on the 8th of July at the Millennium Hotel & Conference Centre…
ASSA ABLOY - securitybuyer.com

BG100 Speedgate Recognised with Red Dot Award

Combining an Aesthetically Appealing Design, Function and Innovation, the BG100 Speedgate Sets New Benchmark for …
Product Spotlight - Videx - securitybuyer.com

Product Spotlight – Era Series

VIDEX presents its new series of outdoor compact video door entry systems, Era Series, and showcases their durability, configuration…
Security Institute - SecurityBuyer.com

The Security Institute Hosts Second Young People’s Skill Building

The Security Institute was honoured to host its second annual Young People’s Skill Building Event on Monday 23rd June, held …
Hanwha Vision - Security Buyer

Hanwha Vision unveils powerful AI remote-head camera

Hanwha Vision, the global vision solution provider, launches the AI remote-head camera, featuring a single-body…
Christina Alexander Judge - SecurityBuyer

Christina Alexander Announced as Security Buyer Awards Judge

Security Buyer is proud to announce Christina Alexander as the latest addition to the distinguished judging panel for the Security…
Milestone - SecurityBuyer

Milestone Systems updates across XProtect, BriefCam, Arcules

Milestone Systems today announced updates across its complete security technology portfolio with releases for XProtect
Big Interview Abdullah Tanoli

Big Interview – Hero of Leicester Square

Rebecca Spayne of Security Buyer has the privilege of speaking with a real-life hero, Abdullah Tanoli, the hero of Leicester Square..
Altronix - SecurityBuyer

Altronix POE367 Delivers 277VAC Support

Altronix has expanded its power product line with the new POE367 power supply/charger designed specifically for 277VAC input environments.
Scroll to Top