Threat Level: green Handler on Duty: Bojan Zdrnja

SANS ISC: SMS Phishing at the SANSFire 2011 Handler Dinner - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
SMS Phishing at the SANSFire 2011 Handler Dinner

After a great "State of the Internet" Panel at SANSFire 2011 with the Internet Storm Center Handlers we began to reflect on Phishing, Spear Phishing, FAKE-AV etc and how this threat is never going away.

In another episode of "Handlers have lives too" we get Phishing and run into strangeness as well. While sitting at our Handler Dinner a Handler Phone buzzed with a text message. Not unusual, but when examined a good gut chuckle rumbled out of the handler (By the way, that handler was me).

The message then got passed around to the rest of the handlers. It was then that Dr Johannes Ullrich, our boss, said "Take a screenshot and post it."

On a serious note, after taking a look at this screen shot, ask yourself, who would fall victim to this? Notice the optout,reply,stop?



One of our sister sites has great information on "Securing the Human OS" and this plays right into that shameless plug [1]. Technology is so pervasive and only going to get more complex.

[1] http://www.securingthehuman.org

Richard Porter

--- ISC Handler @ SANSFire 2011

Richard

164 Posts
ISC Handler
Where is the screenshot?
netsec_consult

1 Posts
It is on another server so if you have something blocking content from other sites you might not see it.

pedantictheory.com/…

donald

206 Posts
ISC Handler
I fail to see the phish.. to me it looks like the usual instant-credit spam.
Visi

41 Posts
I have a co-worker who is receiving lots of SMS spam. He asked me what he can do about it. I can provide suggestions on how to filter email using our anti-spam solution or, in our case, Outlook filters. But I don't know what to do about SMS spam. Any suggestions?
Visi
5 Posts
Replying to short code senders with STOP is AT&T's documented response.
http://www.wireless.att.com/support_static_files/KB/svc/documents/1220912515172.Anti-spam%20FAQ%20080707%20Consumer.pdf
They should be held to the Do Not Call list.
dave

21 Posts

Sign Up for Free or Log In to start participating in the conversation!