Increased attacks via SMS (October 2021) The BSI warns of increased SMS phishing
The Bundesmat für Sicherheit in der Informationstechnik (BSI) is currently warning of a smishing wave.
For months, users of smartphones and mobile phones have been receiving text messages asking them to click on a link. This is so-called “smishing” – a neologism made up of the terms SMS (short messages) and phishing (theft of access data via fake messages or e-mails).
In the spring of 2021, mainly fake parcel notifications were used.
Android users are offered the download of an app via the link in the SMS message. However, this app does not solve any of the fake problems, but spies out local address data, spreads further malicious SMS messages and carries out phishing attacks. The criminals disguise the malware, for example, as an app supposedly necessary for tracking parcels from well-known logistics companies such as FedEx or DHL.
Apple iOS users usually end up on advertising or phishing pages.
Since autumn 2021, an increasing number of false SMS messages have been sent asking to call up an alleged voice message (voicemail) or warning of an alleged infection with malware and that an alleged security update should be downloaded. Another variant informs about allegedly stolen private photos.
Behind the link from the message are instructions on how to download the voice message or an alleged security update. Only those who download these files install the fraudsters’ malware.
- Do not click on the links contained in the message.
- Do not download any files from an unknown source.
- Delete the suspicious SMS message immediately.
The BSI recommends:
What should I do if I receive such an SMS message?
All these SMS messages have in common that they contain a link. This link leads directly to malware or phishing sites where you are supposed to disclose sensitive information. If you have NOT yet clicked on the link, the BSI advises:
- Do not click on the link and delete the message immediately after receiving it. If you know the sender, call him or her, for example, and ask whether the SMS is correct.
- Block the sender of the message via your operating system.
- Only download apps from the known stores and not from external sources. Under Android, deactivate the installation of apps from unknown sources. To do this, search for “Apps from unknown sources” or “Install unknown apps” in the settings and remove the tick there.
- Whether Android or iOS: Update your device! IOS is currently available in version 15.0.2. Android receives security updates for systems 8.1, 9, 10 and 11. You can find tips for effective basic protection on our other web pages.
- You can have your mobile phone provider activate the third-party provider block. This will avoid accidental costs or possible costs caused by malware as far as possible. You can obtain information on how to do this from the information services or service portals of your mobile phone provider.
What do I do if I have already clicked on a link and/or disclosed data?
If you have already clicked on a link or even installed software, the BSI recommends the following:
- Take your device out of the mobile network by activating flight mode. This will prevent further SMS transmission and possible communication of Android malware with other devices.
- Inform your mobile phone provider about your case.
- For example, check your bank account or your payment service provider for debits that you did not intend.
In this case, it is also advisable to have a third-party provider block set up. Your mobile phone provider can help you here.
- File a complaint with the local police station. Take your smartphone with you to preserve evidence. Members of the TU Braunschweig: In the case of smartphones belonging to the TU Braunschweig, first contact department 11 (legal department) and do not file a complaint yourself!
- Reset your smartphone to factory settings (after you have filed a complaint). Before doing so, back up all important data such as photos, documents, etc. locally (for example via a USB connection). With the factory reset, all saved and installed data will be lost. However, this step is necessary to completely remove the Android malware distributed via the current SMS spam messages.
Translated with www.DeepL.com/Translator (free version)