BY Richard Summerfield
‘Smishing’, a cyber attack strategy which combines SMS and phishing, is an increasingly prevalent form of cyber attack, according to a new report from Infoblox.
In its ‘Cyber Threat Report Q2 2022’ report, Infoblox notes that smishing is a new and sophisticated mechanism to obtain personal and financial information from victims, through false forms on fraudulent sites.
Smishing messages are sent to potential victims by malicious actors in order to get them to reveal private information, including passwords, identities and financial data. Typically, smishing messages include some incentive for the recipient to click a link, which may be for a site that hosts malware or a page that attempts to convince the user to submit data through a form.
To avoid falling victim to a smishing attack, Infloblox notes that parties should: “Always be suspicious of unexpected text messages, especially those that appear to contain financial or delivery correspondences, documents or links. Never click URLs in text messages from unknown sources. In the campaign under discussion, the source was the recipient, who did not send the message, and that is a red flag.”
“Our report shares research on many dangerous malware threats,” said Mohammed Al-Moneer, regional director, META at Infoblox. “Security effectiveness depends on timely, up-to-date threat intelligence.”
The Q2 2022 report includes information on industry alerts, advisories, reports and original research published from 1 April to 30 June 2022, by the Infoblox Threat Intelligence Group (TIG), Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the National Security Agency Central Security Service (NSA-CSS). Infoblox releases a Quarterly Cyber Threat Intelligence Report, which compiles the main threats and security breaches detected during recent months worldwide.