SMS Phishing at the SANSFire 2011 Handler Dinner

Published: 2011-07-19
Last Updated: 2011-07-19 21:28:11 UTC
by Richard Porter (Version: 3)
5 comment(s)

After a great "State of the Internet" Panel at SANSFire 2011 with the Internet Storm Center Handlers we began to reflect on Phishing, Spear Phishing, FAKE-AV etc and how this threat is never going away.

In another episode of "Handlers have lives too" we get Phishing and run into strangeness as well. While sitting at our Handler Dinner a Handler Phone buzzed with a text message. Not unusual, but when examined a good gut chuckle rumbled out of the handler (By the way, that handler was me).

The message then got passed around to the rest of the handlers. It was then that Dr Johannes Ullrich, our boss, said "Take a screenshot and post it."

On a serious note, after taking a look at this screen shot, ask yourself, who would fall victim to this? Notice the optout,reply,stop?

One of our sister sites has great information on "Securing the Human OS" and this plays right into that shameless plug [1]. Technology is so pervasive and only going to get more complex.


Richard Porter

--- ISC Handler @ SANSFire 2011



UPDATE: Image has been moved and hosted on ISC server.

5 comment(s)


Where is the screenshot?
It is on another server so if you have something blocking content from other sites you might not see it.

I fail to see the phish.. to me it looks like the usual instant-credit spam.
I have a co-worker who is receiving lots of SMS spam. He asked me what he can do about it. I can provide suggestions on how to filter email using our anti-spam solution or, in our case, Outlook filters. But I don't know what to do about SMS spam. Any suggestions?
Replying to short code senders with STOP is AT&T's documented response.
They should be held to the Do Not Call list.

Diary Archives