The attacks were aimed towards mobile phone users who were targeted for stealing their personal bank details. These included bank account number, credit card details, PIN etc.
Cloudmark, the research firm, also revealed that the upsurge of attacks is very huge. The increase has been of more than 900% as compared to the normal attacks in other weeks. Industry experts quote that this is the first instance of such a high-level security attack, where users have been tricked using SMS messages.
Investigations confirm that hackers have been using various ploys to collect secret credentials from users. Some tricks used fake names like Bank of America and Macy's credit card collections. There were other messages that even claimed to be from the U.S. Veteran's Administration Health Services.
As text messages had names of reputed financial institutions, customers understood them as official communication. When SMS recipients called back on the number, an automated voice asked for confidential bank details that can be used for security frauds.
In a few cases, number '561' claims to be from the Bank of America. This number seeks details like account number, expiration date, personal identification number etc. There have been over 500 such text messages coming from 20 different fake phone numbers.
For the security and hacking industry, phishing attacks are the top-most concern. This is not just because of their high number, but also because such attacks can easily trick users and lead to serious frauds.
While security experts are working towards minimizing such threats, consumers need to keep themselves more aware. The first important thing to remember is that financial bodies do not seek information in this manner. Hence customers should keep away from exposing credentials in such unusual cases.
Secondly, users need to know that phishing not just happens in e-mails but also in mobile phones. Even if individuals keep their contact numbers secret, they may still be tricked if an attacker randomly dials their number. Apart from this, customers can report phishing and other security fraud attempts through official forums and helpline numbers.