Smishing: Social Engineering Attack Essay

711 WordsMar 29, 20123 Pages
SMiShing: Social Engineering Attack. Ever since the creation of the first hand-held mobile phone in 1973, market demands had forced the market of mobile phones to grew rapidly. Just in the twenty years from 1990 to 2011, worldwide mobile phone subscriptions grew from 12.4 million to over 5.6 billion, penetrating the developing economies leading to job creations and opportunities for competitive markets. The features of mobile phone are greatly improved and innovated from time to time; starting from bulky Motorola DynaTAC, which only function is to store numbers and make calls, to Samsung Galaxy Series smartphones that could do pretty much anything. Parallel to the development of mobile phones, various social engineering techniques are also developed to catch up with the technology. The technology of Short Message Sending (SMS), while had been very useful to aid communications, is also a very dangerous tool to be exploited by social engineers. Similar to phishing, SMS Phishing or SMiShing is a social engineering technique that exploits the use of SMS to deliver the "bait" in order to have get victims reveal their personal and confidential information. The smishing text message may be sent from numbers that seem like a legitimate mobile services provider, but with small, indistinct differences. Unaware victims may reveal his personal information such as email, ID number and personal address. The “bait” used usually contains something that wants the victim’s instant attention; some examples include: * "We’re confirming you've signed up for our service. You will be charged $1.00/day unless you cancel your subscription on this URL: www.*?*.com." * "(Name of a bank) is confirming that you have purchase a $1500 computer from (name of a computer company). Visit www.phonyurl.com if you did not make this online purchase" * "(Name of a mobile service

More about Smishing: Social Engineering Attack Essay

Open Document