San Mateo, July 8 – At NetSTAR, we continue to enhance our detection of smishing attacks. As we discover URLs and IP addresses associated with smishing attacks, they are added to our threat database on a continuous basis.
Smishing is an SMS-based phishing attack. Criminals and other bad actors combine technology and social engineering to carry out fraudulent activities, including identity theft and malware distribution. In the case of smishing, individuals receive text messages from bad actors. These messages most often attempt to influence individuals to enter personal information, usually by navigating to URLs that are almost identical to legitimate URLs, or to shortened URLs that obfuscate the destination. The fake URLs host sites that are intended to capture valuable information such as usernames and passwords, credentials, or payment methods.
Other smishing messages masquerade as legitimate sources and request direct responses from individuals via text message. Regardless of the action which the bad actors request of the individual, smishing constitutes a significant risk. According to Daniel Ashby, NetSTAR’s Sr. Vice President, “many individuals are far too trusting when they receive a text, especially one that suggests a problem such as ‘your account may have been hacked, click here to reset your password.’ Educating individuals remains a priority for our partners, while identifying smishing URLs and IPs remains a priority for NetSTAR.”
NetSTAR’s partners around the globe protect over 1.2 billion endpoints, including mobile devices, using NetSTAR technologies. These partners have a vested interest in identifying smishing attacks, especially mobile service providers whose networks are being used to propagate these dangerous and harmful activities. NetSTAR identifies the IP addresses of hosts that source smishing attacks, as well as URLs embedded in smishing attacks. These URLs and IPs are added to the NetSTAR threat database on a continuous basis, and NetSTAR URL and IP categorization databases are also updated accordingly. Partners without current access to the threat database can quickly add it with help from the NetSTAR team.