COVID-19 SMISHING

  • CERT Admin
  • Fri Mar 27 2020
  • Alerts

Threat Level 

High 

Overview 

Random SMS (Short Message Service) are sent to users with a notice for free distribution of masks against COVID-19 virus. SMS is equipped with a URL/Link.

Smishing: Phishing method using text messages

Description 

Once user has clicked the URL/Link in the SMS, browser will pop up a message " Please update the latest version of Chrome for improved service experience". Malicious application will be installed upon clicking the " OK" button. 

     1. Attacker sends the COVID-19 smishing.
    2. Victim clicks the URL/Link in the SMS.
    3. Malicious application disguised as chrome browser update and will be installed if the victim click " OK" button.
    4. Malicious application is launched and leaking personal information. 

Impact 

     ✻  Leakage of personal information
     ✻  Hijack of information such as messages, phone numbers, model information, bank applications, public certificates, etc. 

Solution/ Workarounds 

    ✻  Refrain from clicking URL/Link received from unknown
    ✻  Personal information such as mobile number, ID, Usernames, Passwords, etc. should be entered only on trusted sites.
    ✻  Refrain from doing purchases from untrusted websites.
    ✻  Inform your acquaintances of the smishing incident, as the installedmalicious application most likely will send similar SMS to your contact list.

References 

  ✻  https://www.kisa.or.kr/eng/main.jsp 

Disclaimer 

The information provided herein is on "as is" basis, without warranty of any kind. 

Last updated: Fri Mar 27 2020