Security News > 2020 > February > SMS Phishing Campaign Targets Mobile Bank App Users in North America

SMS Phishing Campaign Targets Mobile Bank App Users in North America
2020-02-14 17:45

A mobile phishing campaign that targeted customers of more than a dozen North American banks, including Chase, Royal Bank of Canada and TD Bank, managed to hook nearly 4,000 victims.

The attacks used an automated SMS tool to blast bogus security text messages to mobile phone users between June and last month.

Mobile security firm Lookout identified the "Mobile-first" phishing campaign and said that victims were sent text messages claiming that their bank detected suspicious activity tied to their account.

"The are built to look legitimate on mobile, with login pages mirroring mobile banking application layouts and sizing, as well as including links like, 'Mobile Banking Security and Privacy' or 'Activate Mobile Banking,'" wrote Lookout researchers Apurva Kumar, staff security intelligence engineer and Kristin Del Rosso, senior security intelligence engineer, in a report published Friday.

"Since mobile users are typically on the move and less likely to scrutinize the authenticity of an SMS message, text messages have become an attractive new attack vector," researchers wrote.


News URL

https://threatpost.com/sms-phishing-bank-app-north-america/152896/