The simplicity of a recently discovered phishing scheme originating from the Middle East has seen fraudsters in other countries copying it, putting mobile users’ financial information at risk, warns Kaspersky.
Attackers, typically under the guise of a postal service, request a small sum of money for the shipping costs of a package. Once a user clicks on an SMS authentication code for the money transfer, the device is compromised thereby enabling increasingly larger amounts of money to be stolen.
“Because it is not a complex phishing attack, it has already gained traction in other parts of the world with fraudsters able to pose as virtually any service provider from prepaid electricity to airtime, naming just a few examples,” says Bethwel Opil, Enterprise Sales Manager at Kaspersky in Africa.
Phishing, regardless of the scheme used, is a significant issue that affects consumers and corporates alike. And while Kaspersky research in 2020 shows that the most frequent targets of phishing attacks were online stores (just over 18%), every person must remain vigilant against this scourge.
“Whether it is phishing emails or SMS messages, attackers are getting increasingly sophisticated. The poor grammar and spelling errors of the past have all but been eliminated and replaced with clever copy that can trick even the most experienced mobile user,” he says.
While the best form of defence is to install security software, that includes anti-virus, anti-malware, and anti-spam technology, on every device connected to the Internet, users can also delete unsolicited text messages or emails without opening them. They must also consider blocking those numbers or email addresses that perpetrate the phishing messages.
“In the connected world, phishing, like any other form of malware, is here to stay. Combining the best technology solutions with proven best practice become invaluable to mitigate against the potential risk of compromise,’ concludes Opil.