T-Mobile sounds the alarm over unblockable SMS phishing attacks

News
By Sead Fadilpašić
published

Phishing messages sent to group channels cannot be blocked

Hook on Keyboard
(Image credit: wk1003mike / Shutterstock)

Mobile network operator T-Mobile has warned its users of an unblockable smishing campaign that aims to steal their personal information and passwords, or install malware.

According to a BleepingComputer report, T-Mobile warned its users after the company was itself alerted by the New Jersey Cybersecurity / Communications Integration Cell (NJCCIC), an arm of the Office of Homeland Security and Preparedness working on cybersecurity threat analysis and incident reporting. 

The NJCCIC was approached by “multiple” customers, who had received group SMS messages pretending to be from T-Mobile. The message thanked the recipient for paying their bills on time and offered a free “gift”, to be claimed via the web link provided.

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022end of this survey

<a href="https://polls.futureplc.com/poll/2022-cybersecurity-survey" data-link-merchant="polls.futureplc.com"" target="_blank">Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the <a href="https://polls.futureplc.com/poll/2022-cybersecurity-survey" data-link-merchant="polls.futureplc.com"" data-link-merchant="polls.futureplc.com"" target="_blank">end of this survey to get the bookazine, worth $10.99/£10.99.

Group messages cannot be blocked

When clicked, the link redirects the user to a malicious website that aims to “steal account credentials or personal information, or install malware".

The group message was sent to numerous numbers, at random, the NJCCIC says, with the victims being targeted “dozens of times” over the span of three days. Given that these are group texts, the victims were unable to block the attacker.

The NJCCIC speculates that the smishing campaign was likely made possible due to previous data breaches affecting the mobile carrier and millions of its users. 

BleepingComputer reminds that, in the past four years, T-Mobile has disclosed a total of seven data breaches.

In 2018, data belonging to 3% of the company’s customers was accessed. And a year later, T-Mobile exposed the data belonging to some of its pre-paid customers.

In 2020, meanwhile, T-Mobile employees' email accounts were compromised, and phone numbers and call records were accessed by unauthorized third parties.

Last year wasn't devoid of incident, either, with a threat actor compromising T-Mobile’s network through its testing environment, and using the stolen information to launch SIM swap attacks.

As usual, cybersecurity experts are urging people to deploy multi-factor authentication and security keys, and not to click on links in emails and SMS from unfamiliar senders.

Via BleepingComputer

Sead Fadilpašić
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.