Spammers Target Specific Area Codes Disguised as User’s Carrier or Bank
This August, the United States saw the continuation of a highly targeted phishing campaign aimed at specific geographic regions. These attacks have come in two flavors. The first, a form of account phishing, impersonates official SMS messages from each user’s carrier in an attempt to steal the victim’s login credentials. This run is isolated mostly to Austin, Texas, and the attackers seem to know with an alarming degree of accuracy exactly which carrier each victim in Austin uses. Their messages are tailored to impersonate that carrier instead of blindly flooding sets of numbers.
Another run of phishing attempts uses the recipient’s area code to tailor bank phishing messages. Live in Phoenix or Mesa, AZ? Phishing messages to your phone try to pass as SMS from Arizona Federal Credit Union. Residents of San Antonio see SMS imitating another regional bank, Generations Federal Credit Union. Central Georgia and several other non-metropolitan areas seem to be hit with a broader form directed at pre-paid debit cards issued by a government benefits program, Social Security.
PPI Compensation scams in the UK follow a similar vein on a national scale. A set of fines levied by the UK’s Financial Services Authority for Payment Protection Insurance abuse has resulted in compensation for those who were mis-sold the insurance. Enterprising spammers have extended promises of such payouts to UK numbers. Luckily, these scams only aim to appropriate personal information for resale and marketing.
Wide-spectrum, financially themed SMS spam is still alive and well on a global scale, though. Payday loan spam alone contributed approximately 36% of all SMS spam this month. Altogether, spam and scams using financial hooks (highlighted in green in Figure 3) accounted for 70% of SMS reports.
During August of 2013, SMS spam and scams:
Directed users to URLs in 56% of cases;
Used phone numbers for 18% of pitches;
Asked 26% of recipients to reply directly via SMS.