Customized spam uses cell phone users’ data against them
Posted on 19 June 2013.
Bookmark and Share
US mobile spammers are using cell phone users’ personal data to launch invasive, highly targeted attacks, according to AdaptiveMobile.


For the first time, mobile spammers can use such information as the subscriber’s first name, zip code, income level, and ethnicity to make attacks personalized and more effective.

The report has found a key driver for the spam is the availability of cheap, databases of US cell phone subscriber data. For example, for $199, criminals can purchase a list of 50,000 mobile phone users’ data broken out by first name and zip code. They are seeing such attacks as:
  • 11,500 bank card deactivation texts sent from spammers that purportedly came from a local bank in the Tennessee area
  • A junk car buyback scam that blanketed the 786 area code, a location where 18 percent of the population lives below the poverty line.
An emerging source of spam – the virtual carrier – is more difficult to detect and stop. Spam by virtual carrier occurs in low-level, long-running campaigns with a maximum of 150 texts per spammer vs. the fixed carrier model, which averages 2000 messages per sender.

These types of low-level spam are usually illegal, malicious messages that look to grab financial and other sensitive data or to monitor activity on the phone. Carriers increasingly need to protect subscribers against attacks that bypass traditional detection methods.

“The complexity of these attacks combined with their ability to use such targeted, personalized information make them lethal and highly effective,” said Gareth Maclachlan, COO and co-founder of AdaptiveMobile. “Criminal elements know that mobile is an excellent revenue source and that the more targeted the attack, the more profitable it will likely be. Carriers are faced with the tasks of monitoring criminal activity, and stopping threats that are continually becoming more sophisticated.”





Spotlight

Attackers use reflection techniques for larger DDoS attacks

Posted on 17 April 2014.  |  Instead of using a network of zombie computers, newer DDoS toolkits abuse Internet protocols that are available on open or vulnerable servers and devices. This approach can lead to the Internet becoming a ready-to-use botnet for malicious actors.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Apr 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //