Kevin WatkinsSecurity Researcher
As with all major newsworthy events, it was inevitable that criminals would take advantage of the COVID-19 pandemic. Symantec has already published blogs detailing how spammers and scammers are using coronavirus-themed lures in their malicious email campaigns, and how malicious Android apps are also exploiting the outbreak. However, a more direct method to target people, and one that is arguably more trusted by users, is via text (SMS) messages sent to mobile phones.
With this in mind, we analyzed links contained within more than 3 million SMS messages from hundreds of thousands of mobile devices from around the world that use Symantec’s mobile security technologies. Symantec Endpoint Protection Mobile (SEP Mobile) shields users from SMS phishing attempts by checking URLs found in text messages against the threat intelligence in Symantec WebPulse, part of the Symantec Global Intelligence Network (GIN), and alerting users when the links are suspect.
While malicious SMS messages often use URL shortening services to evade detection and hide destination URLs that would otherwise appear risky, our technologies follow the attack trail to the final URL destination.
We first began monitoring and evaluating the risk of COVID-19 related SMS messages soon after news of the virus began circulating in December 2019. We observed the first high-risk SMS phishing attack using COVID-19 as bait on January 24, 2020, roughly around the same period as the virus began to receive more media coverage.
Up until March, we observed very few incidents of SMS phishing attacks using COVID-19 as bait. From late January to early March, on ..
Support the originator by clicking the read the rest link below.
