It has been reported that a massive SMS spamming operation kicked out tens of millions of text messages, pestering unsuspecting recipients with links to fake sites flogging loans and free money. The operation was simple but smart. The system processed vast batches of phone numbers and curated custom messages on the fly with links to the fake sites. These fake sites urged spam victims to sign up with their name, email address and phone number and promised “free money… for real.” Security researcher Bob Diachenko found the spam-sending database on an exposed server last month.
An unsecured SMS spam operation doxxed its ownershttps://t.co/8A9IsyEXIQ
A massive SMS spamming operation kicked out tens of millions of text messages, pestering unsuspecting recipients with links to fake sites flogging loans and free money. The operatio pic.twitter.com/sT1Q4bXeoe
— M157q News RSS (@M157q_News_RSS) May 9, 2019
Tom Davison, Director EMEA at Lookout:
“As more of our daily interactions move to mobile devices we exponentially increase the possible entry points for unsolicited contact. SMS is just one example, with email, messaging services and social media being other popular avenues. The challenge for the end user comes with validating the reputation of the sender and the associated risk in following up. If individuals come across a similar campaign or they are unsure of the sender, then the advice remains the same to never click on any links in texts or share personal details. In addition, a mobile endpoint security solution that assesses web & content risk removes this uncertainty and allows for safer interactions.”