Phishy text message tries to steal your cellphone account

Lots of people still think of phishing as a type of scam that arrives by email.

That’s because most phishing attacks do, indeed, arrive in your inbox – sadly, spamming out emails is cheap and easy for crooks, and it delivers results simply because of the volume they can achieve.

But phishing isn’t only about email – it’s a scamming technique that applies to every form of electronic messaging, including social media, instant messaging…

…and even, or perhaps especially, good old SMS texts.

One of the delightful simplicities of SMS is that it was designed back when mobile phones first came out, and thus when network bandwidth was limited.

So SMSes are short, simple, and text-only, and this stripped-down nature actually makes them ideal for crooks.

Messages sent via SMS unexceptionably use a brief and direct style that makes it much easier to get the spelling and grammar right.

The brevity of SMSes also means that shortened or unusual-looking URLs are commonplace, so we’re more inclined to accept them than we would be if they showed up in an email.

from Naked Security – Sophos