According to LogicaCMG, SMiShing is the mobile text message equivalent of computer phishing attacks, where users are tricked into handing over valuable private information or persuaded to go to fake websites where spyware and other malicious programmes can be downloaded.
SMiShing basically takes a “social engineering” approach to spam, in that it attempts to take advantage of a subscribers´ lack of knowledge. This variation of spam does not directly attack handsets like a virus would. The hackers responsible for it are financially driven to exploit legal loopholes and the latest technologies to get hold of personal data. Recent attacks have included false online dating subscriptions and job offers via SMS, asking users to go to websites to unsubscribe the service.
Nabil Y. Khalil, director, telecoms at LogicaCMG in the Middle East and North Africa, said: “Mobile spam and viruses present distinct threats from their internet-based equivalents and require a different approach to prevent and control them. Mobile operators worldwide have a big role to play in protecting subscribers from SMiShing.”
“Ensuring that users have this knowledge is an opportunity for mobile operators in the Middle East and North Africa. Like most spam, these messages can be recognised by an operator with the right network tools, and can be labelled upon delivery in such a way that a warning arrives on the handset at the same time as the SMiShing message. LogicaCMG’s content control solution provides the network security to detect possible spam and can then notify users so that they are fully aware of the content within the message. This is done by inserting warning text at the start of a message, thus providing the necessary information for the user to be able to make an informed decision.”