Expert Advice After SMS Bandits Leader Arrested For Large-Scale Phishing Scams

The Metropolitan Police Service’s cybercrime unit has arrested a 20-year-old man who is behind the high-volume phishing campaigns as part of SMS Bandits to trick people into handling their account credentials

Experts Comments

February 03, 2021
Peter Pendlebury
Technical Director
Cortex Insight

This SMS phishing service will have picked up a lot of victims because most people are unaware that attackers also use text as a way to distribute phishing scams.

 

Most security education focuses on telling people not to click suspicious links in emails, but very few warn about Smishing, which is very common and very easy for attackers to pull off.

 

Companies should ideally avoid sending out text messages which include links that need to be actioned, instead they should use SMS as a means to

.....Read More

This SMS phishing service will have picked up a lot of victims because most people are unaware that attackers also use text as a way to distribute phishing scams.

 

Most security education focuses on telling people not to click suspicious links in emails, but very few warn about Smishing, which is very common and very easy for attackers to pull off.

 

Companies should ideally avoid sending out text messages which include links that need to be actioned, instead they should use SMS as a means to send out information to customers. Anyone who receives an SMS from a source they do not recognise should treat it with suspicion, and never click on links or give away personal or financial information.

  Read Less
February 03, 2021
Javvad Malik
Security Awareness Advocate
KnowBe4

SMS phishing, or Smishing has been gaining popularity as a phishing channel to target unsuspecting victims. With the right software, it can be almost as easy to send mass smishing messages as it can be to send email phishes. 

 

People receiving links via SMS are often less suspicious when compared to links in emails, and have fewer tools available on their phone to easily validate the authenticity of a message. Therefore, it's vital that people are made aware of these scams and remain vigilant

.....Read More

SMS phishing, or Smishing has been gaining popularity as a phishing channel to target unsuspecting victims. With the right software, it can be almost as easy to send mass smishing messages as it can be to send email phishes. 

 

People receiving links via SMS are often less suspicious when compared to links in emails, and have fewer tools available on their phone to easily validate the authenticity of a message. Therefore, it's vital that people are made aware of these scams and remain vigilant about them. 

 

Organisations also need to be mindful of how they communicate with their customers and if they do use SMS, to not include links. Rather, invite people to navigate to their site directly. 

 

It's great to hear the suspect behind SMS Bandits has been apprehended, but Smishing is here to stay, and will only increase in frequency and sophistication over time.

  Read Less
February 03, 2021
Martin Jartelius
CSO
Outpost24

It should be noted that just as we see SaaS solutions for legal businesses, what has been taken down here is a SaaS solution for criminals, essentially a service providers with the means to facilitate part of the fraud, the distribution, but not committing the end fraud which is left to the buyer, the other criminals. Just as EncroChat provided criminals a means of encrypted communication without requiring individuals to arrange secure communications, this service has provided criminals without

.....Read More

It should be noted that just as we see SaaS solutions for legal businesses, what has been taken down here is a SaaS solution for criminals, essentially a service providers with the means to facilitate part of the fraud, the distribution, but not committing the end fraud which is left to the buyer, the other criminals. Just as EncroChat provided criminals a means of encrypted communication without requiring individuals to arrange secure communications, this service has provided criminals without the skills or means to do so to send a large volume of text messages.

  Read Less
February 03, 2021
Jake Moore
Cybersecurity Specialist
ESET

Smishing continues to rampage through smartphones and catch people out due to the more authentic feel and the lack of ways to verify when compared to a traditional phishing email. Not only are people less suspicious when receiving text messages, these messages often come packed with a level of fear attached in order to manipulate the unsuspecting victims into clicking the link without even a moment to think.

 

Anyone receiving such text messages with links must first spend time studying the

.....Read More

Smishing continues to rampage through smartphones and catch people out due to the more authentic feel and the lack of ways to verify when compared to a traditional phishing email. Not only are people less suspicious when receiving text messages, these messages often come packed with a level of fear attached in order to manipulate the unsuspecting victims into clicking the link without even a moment to think.

 

Anyone receiving such text messages with links must first spend time studying the URL. There will often be a clue in the wording that when inspected will highlight that it likely won’t take you to the genuine site. If ever in doubt, contact the genuine company on a number you find on the true website.

 

It is also advisable to block such numbers from texting you, as well as contact your service provider who can take action against spam messages. Although this won’t completely eradicate the problem, it may help towards receiving less unsolicited messages in the future.

  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.