Israel users face a new phishing attack
Users received SMS messages on behalf of one of the largest banks in Israel.
A new scam campaign was sent to users in Israel, in which SMS phishing was used. Attackers on behalf of legitimate organizations sent SMS messages in order to convince the victim to download a malicious application, follow the link or provide personal information, such as bank account or credit card information.
According to researchers at Check Point, messages came from one of Israel's largest banks and contained the following text: “Hello, sir. Suspicious activity detected in your account. Log in to verify your account. " When following the link via SMS, the victim will be taken to a fake bank web-page belonging to a legitimate but compromised site. In this case, any information entered is disclosed to attackers, including login, password, first name, last name, email address, identification number, name of the credit card holder, credit card number, expiration date and cvv.
Over the past two years, more than 50 similar campaigns have been identified aimed at customers of Israeli banks. According to researchers, in 2018, more than a million new phishing sites were registered monthly. The campaigns targeted many sectors, including e-commerce, financial institutions, payment services, postal providers, delivery services, online services and much more.
Users are advised for security reasons to be wary of suspicious SMS messages and install applications only from reliable sources.