Widespread ‘Smishing’ Campaign Defrauds Iranian Android Users

Attackers use socially engineered SMS messages and malware to compromise tens of thousands of devices and drain user bank accounts.

Attackers are impersonating the Iranian government in a widespread SMS phishing campaign that is defrauding thousands of Android users by installing malware on their devices that can steal their credit card data and siphon money from financial accounts.

Researchers from Check Point Research estimate that the campaign, which sends so called “smishing” messages that entice victims to visit a malicious website, has already compromised tens of thousands of devices. This has resulted in the theft of billions of Iranian rial (or hundreds of thousands of US dollars), they said in a report published Wednesday.

The campaign is first delivered as a standard smishing attack, using socially engineered SMS messages sent to a potential victim’s device to lure them to a malicious website, researchers said. There they are asked to enter account info while Android malware silently installs a backdoor on devices.

What’s been impressive about the campaign is its ability of attackers to defraud so many people of so much money, researchers said.

“What is noteworthy about these current campaigns is the sheer scale of the attack,”

Read More: https://threatpost.com/smishing-campaign-iranian-android-users/176679/