Home / Blogs

Smart Phishing for Smartphones

Don't miss a thing – sign up for CircleID Weekly Wrap newsletter delivered to your inbox once a week.
Frederick Felman

A common security prediction for 2010 is the continued rise of malware and phishing attacks on mobile phones. The MarkMonitor Security Operations Center recently detected an interesting twist on this theme involving a popular smartphone and the latest smart technologies used by cybercriminals. In this case, instead of compromising a smartphone to steal its information, cybercriminals used phishing techniques to clone smartphones.

Here's how it works. Emails which offer a free one-year warranty extension for a popular smartphone, link to a company-branded web page. That web page asks for an email address and then smartphone serial number, IMEI number, type of phone, and capacity of phone. See below for examples of the phishing web page.

Cybercriminals use the information requested on the web page to clone the smartphone for various uses, including stealing long-distance service from the subscriber or simply using a deniable, disposable smartphone for other criminal activities. In effect, the cybercriminals used phishing techniques to clone smartphones.

This recent attack also stands out because it utilizes some advanced technologies and suggests possible directions of future cybercriminal activity. First, the attack uses server-side logic that hides the phishing site unless it is accessed through the browser produced by the smartphone company. Second, the attack uses additional protective technology in the form of a fast-flux network, which hides the phishing site behind a dynamic network of ever-changing proxies. These two smart technologies demonstrate how cybercriminals continue to focus their efforts on making their attacks targeted, stealthy, and resilient.

By Frederick Felman, Chief Marketing Officer at MarkMonitor. More blog posts from Frederick Felman can also be read here.

Related topics: Cybercrime, Cybersecurity, Mobile Internet

 
   

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Dig Deeper

Afilias

DNS Security

Sponsored by Afilias
Afilias Mobile & Web Services

Mobile Internet

Sponsored by Afilias Mobile & Web Services
Verisign

Cybersecurity

Sponsored by Verisign

Promoted Posts

Now Is the Time for .eco

.eco launches globally at 16:00 UTC on April 25, 2017, when domains will be available on a first-come, first-serve basis. .eco is for businesses, non-profits and people committed to positive change for the planet. See list of registrars offering .eco more»

Industry Updates – Sponsored Posts

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Attacks Decrease by 23 Precent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

Major Media Websites Lose Audience Due to Slow Load Times on Mobile

Leading Internet Associations Strengthen Cooperation

DeviceAtlas Wins 2017 IHS Markit Innovation Award

DeviceAtlas' Deep Device Intelligence Now Addresses Native App Environment

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

2016 U.S. Election: An Internet Forecast

Government Guidance for Email Authentication Has Arrived in USA and UK

ValiMail Raises $12M for Its Email Authentication Service

Don't Gamble With Your DNS

Defending Against Layer 7 DDoS Attacks

Understanding the Risks of the Dark Web

New TLD? Make Sure It's Secure

Verisign Releases Q2 2016 DDoS Trends Report - Layer 7 DDoS Attacks a Growing Trend

How Savvy DDoS Attackers Are Using DNSSEC Against Us

Airpush Chooses DeviceAtlas to Provide Device Awareness to Mobile Ad Network

DeviceAtlas Releases Q2 2016 Mobile Web Intelligence Report, Apple Loses Browsing Market Share

Facilitating a Trusted Web Space for Financial Service Professionals