Phishing e-mails are being sent to mobile phone users in the UK which appear to come from the users network provider but are actually spam.
Symantec has observed several attacks of this nature by using a new phishing technique during July.
The emails in question ask recipients to confirm their billing information and link to what appears to be a legitimate website with a form to be filled in. However these websites are compromised.
The personal information which the form requires would be sufficient to allow the criminals behind the operation to commit identity fraud.
Once the form has been completed, the page redirects victims to the genuine site of the mobile provider, completing the illusion of legitimacy.
Symantec has published a list of best practices for avoiding phishing attacks in a response to this recent security threat. They have advised mobile users to avoid clicking any links in suspicious emails, to always check the URL of the site which they are visiting and to frequently update security software to protect themselves.
Return to security news headlines
View Security News Archive