Share with your network!
During the first week of September, Cloudmark observed a 913% increase in the volume of SMS phishing attempts, making SMS phishing currently the single largest SMS text messaging threat. The surge appears to be the result of a single set of attacks which initially started on September 4th. Thus far, attackers have used over 500 unique pitches in the phishing scams, but the general characteristics are as follows:
Fwd:Good Afternoon .Attention Required Call.(xxx)xxxxxxx
The phone numbers victims are instructed to call include:
2012040735
2055612208
2105278888
2814920248
3124924053
3474105894
4016488505
5612357256
6164993061
6783847527
7145911051
7272162029
7739121434
8164101809
8177863304
8323086322
8645825454
8667368703
8775924747
8888408034
9738818000
Investigation reveals the attackers are using several phone ploys to trick victims into divulging sensitive credentials. These ploys range from claims of Bank of America account suspensions, Macy's credit card collections, and even the U.S. Veteran's Administration health services.
Victims who fall for the phishing scam and divulge their credentials risk being subjected to bank account theft, credit card fraud, and even outright identity theft. Stolen information can even be used in social engineering scams to elicit further information from unrelated accounts.
If you've been the recipient of this SMS phishing attempt, forward the text to short code 7726 to notify your carrier and to facilitate resolution. And remember, never divulge sensitive information to any source you have not fully vetted. When in doubt (which you always should be) contact your bank, credit card company, or health provider by known good numbers you have on file - never respond via the contact details provided in an unsolicited SMS text.