SMS phishing is becoming more common as hackers look for new ways to steal information.
SMS phishing, which is also called “smishing,” is done by hackers that send links to mobile phone users. These links contain addresses to websites that appear to be legitimate. However, the websites actually steal the login information for the sites they are imitating.
The SMS phishing attacks work with the help of a technique called “URL padding.” This has the actual address of the website being pushed forward with hyphens. Due to this the website appears to be legitimate.
Here are a few examples from PhishLabs of URL padding used by hackers in SMS phishing attacks to steal usernames and passwords from their victims.
- hxxp://login.Comcast.net——-account-login-confirm-identity.giftcardisrael[dot]com/
- hxxp://accounts.craigslist.org-securelogin————–viewmessage.model104[dot]tv/craig2/
- hxxp://offerup.com——————login-confirm-account.aggly[dot]com/Login%20-%20OfferUp.htm
In the cases listed above, the actual domain names are near the end of the URLs. The hyphens push these forward to hide them in mobile web browsers. This makes it so that only the beginning part of the URL appears in the address bar, which makes it look like a legitimate website.
PhishLabs saw roughly 50 of these SMS phishing attacks in 2017 by mid-June and said they started gaining more traction in March. The attacks seek information for social media accounts, such as Facebook Inc (NASDAQ:FB), in an attempt to spread the phishing further. The hackers are also likely hoping to use some of the stolen credentials to log into other accounts that users have the same username and passwords for.
As of this writing, William White did not hold a position in any of the aforementioned securities.
