How to prevent smishing: industry insiders guide
Mobile malware such as Smishing Attacks pose a significant threat to consumers, businesses, service providers, and governments globally. Cybercrime is a major challenge for businesses and remote work that involves accessing corporate networks from mobile devices only amplifies this risk. Governments and regulators are stepping up their security measures as the cost and national security implications of these attacks become more evident.
In Ireland, the Bank of Ireland reported a 50% surge in smishing cases detection since fraudsters adopted a new tactic to steal customer funds via Apple or Google Pay. The scam involves sending fake text messages that appear to come from delivery companies or government agencies. If the recipient clicks on the link in the message, they are taken to a fake website and prompted to enter their card or online banking information. The full article can be read here.
Banks are particularly susceptible to smishing attacks. Similar cases have been reported frequently. Recently, a bank in Spain named Laboral Kutxa was targeted by fraudsters. The scam involved a message sent to the bank’s customers via SMS in flawless Spanish. The message read, “Purchase accepted for 500 euros. If this was not you, follow the link to cancel it.” This fraud event caught out over 170 unwitting victims from whom over €145,000 was stolen. You can read more on this here.
Smishing attacks have seen a sharp increase globally since the beginning of the pandemic, with scammers using the Covid-19 crisis to send convincing messages that unsuspecting individuals are more likely to open.
In a European context at the moment these messages seem to be originating predominantly in France and purport to be from services such as Netflix. However, the content and point of origin of the smishing messages constantly change to evade detection by service providers. Smishing poses a significant problem for mobile service providers, as it can result in substantial direct costs to address the consequences of an attack. Additionally, smishing poses a major risk to the A2P messaging industry, as it may lead subscribers to question the security of the text messaging channel.
Smishing attacks can have multiple impacts on a network and its subscribers, including:
- Direct financial loss
- Identity theft
- Theft of personal data
- Malware infection on mobile devices
- Damage to Brand reputation
Why it is so difficult to prevent Smishing attacks?
Smishing attacks are challenging for operators to detect and prevent for various reasons:
Multiple sources of Smishing messages
Smishing messages can come from different sources, including application-originated messages from aggregators, interconnect traffic from other national or international operators, or mobile-originated messages from malware-infected handsets or SIMBOX devices on the home operator network.
Authentic appearance of Smishing messages
The protocols used to process application-originated messages do not provide proper authentication of message senders, making it easy for scammers to impersonate a known brand when sending messages through aggregators. As a result, subscribers may receive messages that appear to be from a trustworthy source, such as their bank, leading them to believe it is legitimate.
Trust in mobile messages compared to email
Unlike with emails, modern consumers tend to implicitly trust messages they receive on their mobile devices, which makes smishing a particularly effective form of fraud. In 2020, smishing messages often had Covid-19-related themes that preyed on people’s concerns and fears about the pandemic.
Constant evolution of threat landscape
The constant variety of smishing attacks highlights the difficulties mobile operators face in keeping up with the ever-changing threat landscape. Not only do the types and style of smishing attacks change, but also the urls, the origin destination and so on. Keeping up to date with the latest likely threats requires both expertise and software solutions.
How Openmind detects and prevents Smishing
Openmind offers operators a comprehensive solution for detecting and blocking smishing across all messaging interfaces. Our Smart Services approach ensures quick detection of smishing attacks, as well as the ability to analyze new attacks and block them efficiently. Our solution can detect smishing attacks that contain previously identified URLs and block them at the source. Additionally, we use various techniques to detect smishing using unknown URL domains. A local database of known smishing URLs is maintained and can be checked through the SMS Firewall in the network to determine if a message should be blocked.
Openmind uses a combination of its advanced neural network software and data analytics to detect Smishing attacks. The software automatically recognizes Smishing based on how it spreads in the network. Additionally, reporting tools and authenticity checks of new URL domains contained in messages on the network are used to identify Smishing attacks. Subscriber-forwarded examples of potentially fraudulent SMS messages can also be evaluated to add new URL examples to the URL database. Our services team collaborates with you while following the local regulations and privacy laws to guarantee protection of subscribers from Smishing.
To find out more, please visit us at openmindnetworks.com