About Thawte

News

Growth in SMS malware attacks take advantage of smartphone users

As the public continues to rely on mobile devices to access their personal information in growing numbers, cybercriminals have been quick to recognize the value of text messaging as a new source of vulnerability for malware attacks. According to a recent report, threats leveraging SMS functionality are growing at a rate of 300 percent year-over-year, suggesting that new phishing will become a more common risk among cell phone users.

Though email-embedded malware has existed for years, some experts stated that because the telephone is traditionally considered a trustworthy communication device, it could prompt some users into believing that their smartphone is more secure than it actually is.

"Attackers are well aware of this wide acceptance [of mobile phones being perceived as 'safe'] and use this trust to their advantage," said the report. "As an example, many believe that any communications via their smartphone – whether via traditional call or via SMS – must be from someone they know or have done business with."

Different from email
Unlike email, where a combination of educational initiatives and spam filters have reduced hidden malware threats to acceptable levels, the way in which people interact with their mobile device at any time can give attackers more opportunities for potential victims to make an uninformed decision, effectually compromising that device and the owner's information in it. Also unlike the email, which averages an open rate around 20-25 percent and wait time of 24 hours, SMS open rates currently exceed 90 percent and are often opened instantaneously, the report stated. While clickthroughs of spam texts currently hover in the low double digits, even a high percentage of users supposedly aware of scams could be duped into thinking that replying "Stop" would stave off an attack.

InformationWeek cited in an analysis of the report, revealing that there were 350,000 variants and more than 50,000 unique SMS attacks in December 2012 alone. Part of the explanation for this increase and high volume is due to the most common form of attacks being gift card scams that were sent out en masse during the holiday season.

"Blended" message threats a new technique
Cybercriminals have also begun to coordinate malware attacks across various mediums to include email, instant messaging, social media and SMS. Through advanced social engineering techniques, "blended" messaging gives the added impression that the consistency in communication across platforms gives the illusion of legitimacy.

A solid reputation goes a long way for businesses conducting online transactions. Ensure that information remains secure secure with an SSL certificate with the Thawte Trusted Seal.

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +27 21 819 2200
Fax: +27 21 819 2950

Thawte is a leading global Certification Authority. Our SSL and code signing digital certificates are used globally to secure servers, provide data encryption, authenticate users, protect privacy and assure online identifies through stringent authentication and verification processes. Our SSL certificates include Wildcard SSL Certificates, SAN /UC Certificates, SGC SuperCerts and Extended Validation SSL Certificates.

What is an SSL Certificate Which SSL Certificate is Right for Me? Why Choose Thawte?