'smishing' Fishes For Personal Data Over Cell Phone


Recommended Posts

February 24, 2009 1:14 PM PST

'SMiShing' fishes for personal data over cell phone

by Elinor Mills

When we think of phishing attacks, in which scammers try to lure sensitive information out of Internet users, we think of fake official-looking e-mails and Web sites.

But you don't even need to be online to get phished. A phishing attack making the rounds tries to dupe cell phone users into revealing their personal data over the phone. It uses SMS messages, which makes it a "SMiShing" attempt.

It all starts with a spam text message purporting to be from a financial institution. In this case, it's from a source identified as KeyPoint Credit Union, warning that an account has been locked and providing an 888 phone number to "verify" the account, said a CNET News reader who received one of the spam text messages on his Sprint phone.

When the phone number is called, an automated message prompts for SocialSsecurity number, credit card number, and driver's license number, he said.

"Every carrier has seen it," Matt Sullivan, a Sprint spokesman, said on Tuesday. "We have filtering technology that we are constantly updating to try to weed out some of this."

CNET News - http://news.cnet.com/security/

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...