SMS phising can take you to a fraudulent website

Phishing is now spilling over to your mobile phone. The next time you receive an SMS from your mobile operator informing you about a service you have subscribed to and asking you to call a certain number to unsubscribe, beware, it can be a phishing message. Just like computer users who click on spam emails and are taken to a fraudulent website posing as a legitimate one, SMS phishing (or simply ‘SMiShing’) similarly dupes the mobile user to visit a phished site by sending an SMS pretending to be from a trustworthy entity. If one falls in the trap, it can lead to leakage of sensitive information such as user names, passwords and even credit card numbers. While SMS phishing or SMiShing misleads the user to visit a website, ‘vishing’ on the other hand directs the user to call on a number, for instance the customer care number of a telecom service provider, which instead is routed to a hacker. Voice phishing or ‘vishing’ uses a combination of voice over Internet protocol (VoIP), SMS and the Internet to dupe the receiver into dialing a phone number and collect sensitive subscriber information for financial gain. As mobile phones become general purpose computing platforms, they are increasingly being subjected to new vulnerabilities like SMiShing and voice phishing. According to Anti-Phishing Working Group (APWG), an International agency which tracks phishing incidents, India ranks third with about 9.39% of the total phishing incidents that were reported globally, last year. India’s computer emergency response team (CERT) recorded 1,237 cyber security-related incidents in 2007. According to Gartner, phishing-related losses have been estimated at $2.8 billion with a single victim losing $1,244 in 2007. Says Trend Micro country manager for India and SAARC Niraj Kaushik, “The number of phishing crimes that are reported in the public domain is much lower than the actual number of incidents that happen. Victims often do not report due to lack of a centralized complaint registering mechanism. Moreover, tracking the perpetrator is difficult.” Though the government launched a ‘do-not-call’ registry to keep unauthorised callers at bay, the losses resulting from mobile phishing are increasing constantly. In one of the cases, an Airtel customer was misdirected by a caller pretending to be from Airtel customer care. The caller informed that she had been subscribed to a caller tune and to cancel it, a certain number will have to be dialed. When the customer called the said number she was instead directed to a hacker. According to Informa Telecoms & Media (ITM) study, sponsored by McAfee, 83% of mobile operators are hit by mobile device infections annually. With corporates increasingly adopting business mobility, SMS phishing and vishing attacks pose a serious problem. According to a global survey by Nokia, more than 71.2% of corporate subscribers by 2010 will be using SMS and SMS based applications for business mobility. Mobile commerce is another industry, which can be severely hit by SMS scams. New Mcommerce services like money transfers, bill payments and remittances via mobile are on the rise. Currently, 16% of mobile phone subscribers already use mobile banking services, says a survey by Harris Interactive, a global research firm. As more and more applications get launched, security on the mobile will become a major concern lest telecom operators take notice. By Ms.Bobby Aanand, Metropolitan Jury.

"Loved reading this piece by Ms. Bobby Anand?
Join LAWyersClubIndia's network for daily News Updates, Judgment Summaries, Articles, Forum Threads, Online Law Courses, and MUCH MORE!!"

Join our Telegram group

Join our Whatsapp group