Cloudmark is now part of Proofpoint. Learn More

About Proofpoint


Mobile Messaging Threat ReportAugust 2013

Spammers Target Specific Area Codes Disguised as User’s Carrier or Bank

This August, the United States saw the continuation of a highly targeted phishing campaign aimed precisely at specific geographic regions. These attacks have come in two flavors. The first, a form of account phishing, impersonates official SMS messages from each user’s carrier in an attempt to steal the victim’s login credentials. Isolated mostly to Austin, Texas, attackers seem to know with an alarming degree of accuracy exactly which carrier each victim in Austin uses. Their message is tailored to impersonate that carrier instead of blindly flooding sets of numbers.

Another run of phishing attempts is using the recipients area code to custom tailor their bank phishing messages. Live in Phoenix or Mesa, AZ? Phishing messages to your phone try to pass off as SMS from Arizona Federal Credit Union. Members of San Antonio see SMS imitating another regional bank, Generations Federal Credit Union. Central Georgia and several other non-metropolitan areas seem to be stricken with a more blanketed form directed at pre-paid debit cards issued by a government benefits program, social security.

Figure 1
Figure 2

PPI Compensation scams in the UK follow a similar vein on a national scale. A set of fines levied by the UK’s Financial Services Authority for Payment Protection Insurance abuse has resulted in compensation for those who were mis-sold the insurance. Enterprising spammers have extended promises of such payouts to UK numbers. Luckily, these scams only aim to appropriate personal information for resale and marketing.

Wide-spectrum financially themed SMS spam is still alive and well on a global scale though. Payday loan spams alone contributed to approximately 36% of all SMS spam this month. Altogether, spam and scams using financial hooks (highlighted with green in Figure 3) accounted for 70% of SMS reports.

Figure 3

During August of 2013, SMS spam and scams:

  • Directed users to URLs in 56% of cases;
  • Used phone numbers for 18% of pitches;
  • Asked 26% of recipients to reply directly via SMS.

Cloudmark 2013年8月 - モバイルメッセージング脅威レポート (523KB)


Cloudmark 2013年8月 - モバイルメッセージング脅威レポート (523KB)


Cloudmark は、10年余にわたる世界最大のメッセージング環境の保護経験を持つ会社です。この経験を基にCloudmark だけが、10億人の加入者からのグローバル脅威情報と各地の行動状況の追跡を結び付け、金銭的損失に加えブランドやレピュテーションの棄損につながるデータの窃盗やセキュリティの違反に対する即時保護や予測防護を行っています。


サイトマップ  •  プライバシーポリシー  •  ©2002–2020 Cloudmark, Inc.