Numerous Bank Customers Getting Hooked on SMS Phishing
March 11, 2021
Event Overview Since February 2021, NSFOCUS’s emergency response team has found that several provinces in China saw multiple SMS phishing events using fake bank domain names. As these events bear a striking resemblance in the phishing playbook, attack means, and phishing website pages, we can largely determine that these attacks were launched by the same […]
Mobile Office——SMS phishing
January 18, 2019
Case Analysis
This story starts from an SMS message and ends with financial loss, sounding just like an ordinary telecom fraud. But it is distinctive in that a malicious link and a web page that contains a trojan are leveraged, indicating that the attacker is quite tech-savvy. After the mobile phone is infected with the trojan, the hacker can listen for and intercept SMS verification codes in the background. By using such information and the user’s ID card number and bank account information previously collected, the perpetrator can sign up for the quick pay service.