SMS phishing (Smishing) continues to be one of the top 10 security threats for the telecom industry. According to GSMA’s annual Mobile Telecommunications Security Landscape report, Smishing is a leading threat to mobile operators alongside ransomware, malware, spyware, critical national infrastructure attacks, fraudulent SIM swap, interconnect attacks, and attacks on virtualized and cloud-based infrastructure, as well as human and supply chain threats. It’s estimated that Smishing rose 47% from 2021 to 2022, and, unfortunately, the threat to mobile operators is only intensifying. How can communication service providers (CSPs) protect their networks and customers from the surge of this threat vector?
1. International law enforcement
International law enforcement agencies have invested time and resources to counter the rise in criminal activity via Smishing. In 2022, an international operation involving 11 countries and coordinated by Europol’s European Cybercrime Centre took down FluBot, an SMS-based spyware that was infecting Android phones. At the time, it was the fastest-spreading mobile malware and was used to steal passwords and other sensitive information, such as online banking details, from infected smartphones across Europe and in Australia. While this was a major feat of international coordination and a technical achievement, the first instance of this version of FluBot was detected in December 2020, two years before the authorities were able to disrupt the criminal infrastructure and render this strain of malware inactive. The volume, velocity, and variety of new attacks launched by hackers underscore that communications service providers can’t leave the protection of their networks and customers solely to the authorities and regulators.
2. SMS firewalls
SMS firewalls can provide protection by identifying and extracting embedded URLs in the SMS payload, checking them against a list of known blocked domains, and blocking the SMS if a URL contains a bad domain. However, the efficacy of this approach is only as good as the list that the URLs are being compared to. This approach falls short in today’s environment because:
- URLs are shortened, and therefore, do not appear in the bad domain list.
- New phishing sites appear and are recycled very quickly.
- New capabilities that combine volumetrics, sender IDs, content and URL inspection are required.
- Bad actors can hijack good URLs, which then require additional validation.
While SMS firewalls provide a good first line of defense, more advanced solutions are needed to mitigate Smishing campaigns as they get more sophisticated.
3. URL scanner
URL scanning technology provides an additional layer of checks where SMS firewalls typically fall short. A URL scanner provides a real-time solution that identifies and scores the reputation of a URL by verifying the underlying URL against a multitude of attributes, including checks against bad domain lists, operator DNS Response Policy Zone (DNS-RPZ) queries, and operator/regulator-specific blocked and allowed URL lists. A score is then calculated to determine whether the domain is good or bad and whether the SMS firewall should block the SMS or take another action. A URL scanner must also provide a list of artifacts that security analysts can use to perform additional analytics. URL scanning technology significantly augments the protection provided by SMS firewalls while also helping CSPs to proactively protect themselves and their subscribers against zero-day attacks.
URL scanning technology is already available and can be seamlessly integrated with existing SMS firewalls so that CSPs can take advantage of this technology immediately to start protecting their networks and customers today. In addition to providing advanced filtering mechanisms, Mobileum’s URL Scanner solution supports an extensive set of validations as part of the forensic acquisition of a webpage and gives the user the ability to configure the measures and weighting of the scores to ensure that the information reflects the local context and market.
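The scoring flow described in this section (extract URLs from the SMS payload, check each host against several lists, weight the hits into a score, return an action plus artifacts) can be sketched as follows. This is an added illustration, not Mobileum's code: the list contents, weights, threshold and function names are assumptions, and the DNS-RPZ check is stood in for by a local set.

```python
import re
from urllib.parse import urlsplit

URL_RE = re.compile(r"(?:https?://|www\.)[^\s<>\"']+", re.IGNORECASE)

# Constructed sample lists on reserved TLDs; real feeds would replace them.
LISTS = {
    "bad_domain_list": {"parcel-redelivery.example"},
    "dns_rpz": {"parcel-redelivery.example", "login-verify.test"},  # stand-in for an RPZ query
    "operator_blocked": {"prize-claim.example"},
    "operator_allowed": {"mybank.example"},
    "shortener_unresolved": {"sho.rt.example"},  # destination unknown until expanded
}
# Assumed, operator-tunable weights and threshold. The allow list lowers the
# score instead of bypassing the other checks, so a listed-but-hijacked host
# can still surface for review.
WEIGHTS = {"bad_domain_list": 60, "dns_rpz": 50, "operator_blocked": 80,
           "operator_allowed": -40, "shortener_unresolved": 30}
BLOCK_THRESHOLD = 50

def extract_hosts(sms_text):
    """Return lower-cased hostnames of every URL found in the SMS payload."""
    hosts = []
    for raw in URL_RE.findall(sms_text):
        raw = raw.rstrip(".,;:!?)")  # drop sentence punctuation glued to the URL
        try:
            host = urlsplit(raw if "://" in raw else "http://" + raw).hostname
        except ValueError:  # malformed authority, e.g. a broken IPv6 literal
            continue
        if host:
            hosts.append(host.rstrip("."))
    return hosts

def score_host(host, weights=WEIGHTS):
    """Score 0-100 plus the names of the checks that fired (analyst artifacts)."""
    artifacts = [name for name, domains in LISTS.items()
                 if any(host == d or host.endswith("." + d) for d in domains)]
    return max(0, min(100, sum(weights[a] for a in artifacts))), artifacts

def verdict(sms_text, threshold=BLOCK_THRESHOLD):
    """Action for the SMS firewall, driven by the worst-scoring host."""
    results = {h: score_host(h) for h in extract_hosts(sms_text)}
    worst = max((score for score, _ in results.values()), default=0)
    action = "block" if worst >= threshold else "review" if worst > 0 else "deliver"
    return action, results
```

A shortened link scores below the block threshold on its own, so it lands in "review", where a deployment would expand it and rescan the destination.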
For more information about Mobileum’s URL scanner and the benefits you can achieve, download the datasheet.