Phishing attacks, particularly through smishing (SMS phishing), are increasing in sophistication, manipulating recipients into clicking on malicious links by creating a sense of urgency. These tactics exploit human emotions and highlight the need for vigilance in recognizing such threats. Affected: businesses, individuals
Keypoints :
- Phishing attacks are becoming more sophisticated and include SMS-based tactics known as smishing.
- Smishing uses social engineering to create urgency, exploiting human emotions to prompt immediate actions from recipients.
- Attackers craft messages that appear urgent, often using misleading language to establish trust.
- Fake website links include redirects through legitimate domains to mask malicious intents.
- Phishing pages may impersonate trusted services, prompting users for their login credentials.
- Training and awareness programs are critical for individuals to recognize and avoid smishing attacks.
- Organizations are advised to educate their employees regularly about the risks associated with SMS-based phishing.
- Cofense offers training and simulation tools to prepare users against mobile-based threats.
MITRE Techniques :
- Initial Access (T1071.001): Use of smishing to initiate credential harvesting via SMS.
- Phishing (T1566.001): Deployment of deceptive SMS messages containing malicious links.
- Command and Control (T1071.001): Redirecting to a malicious domain (resolveservicedesk[.]com) through legitimate channels.
- Credential Dumping (T1003): Attempting to capture users’ login credentials and MFA data via phishing pages.
Indicator of Compromise :
- [URL] hXXps://google[.]com/amp/resolveservicedesk[.]com
- [IP Address] 172[.]253[.]122[.]113
- [IP Address] 172[.]253[.]122[.]138
- [IP Address] 15[.]197[.]130[.]221
- [URL] hXXps://resolveservicedesk[.]com
Full Story: https://cofense.com/blog/exploiting-sms-threat-actors-use-social-engineering-to-target-companies