As the holidays approach, the volume of short message service (SMS) phishing has almost doubled from the same period in the prior year, continuing a trend of SMS-text phishing growing as a vector to attack mobile users and their devices, messaging-security firm Proofpoint stated in a blog post on Nov. 23. 

In the first half of 2021, global reports climbed by 270% compared to the same period in 2020. While the recent surge is almost entirely aimed at consumers, those attacks can easily cross over to business systems, especially as many employees are working remotely and from their own devices, according to Proofpoint. 

SMS phishing is also only the initial attack vector. Many attackers install malware on target devices after a successful compromise, says Jacinta Tobin, global vice president of Cloudmark operations at Proofpoint.

“Smishing attacks are becoming more sophisticated and there are other attacks using malware which can control significant device functionality,” she says. “These sophisticated smishing and malware attacks pose serious risks to mobile users and opens the door to enterprise-type attacks.”

The end of the year has become an annual focus of attackers aiming to profit in some way from the massive economic activity that accompanies the holiday season. In the past, the most common tactics included unsolicited email messages or advertising fraud.

Use of text messages as a phishing vector has become more popular because it is effective. Text messages have a…

Read more…