Short Message Service (SMS) is a service available on most digital mobile phones that lets you send short text messages between mobile phones, handheld devices and even landline telephones. Text messaging, often called "texting," is sometimes known by different names, such as "i-mode mail" or "C-Mail" in Japan.
With SMS, messages are sent to a Short Message Service Center (SMSC) that attempts to send the message to the recipient. If the user is not reachable at a given moment the SMSC will try again. SMS cannot recover lost or corrupted data, so there is no guarantee that a message will actually be delivered to its recipient. You may request delivery reports to get confirmation that your message has been received, but this notification is unreliable. You are more likely to experience delays or message loss when sending SMS between different networks.
SMS is widely used for delivering premium content such as news alerts, financial information, logos, and ringtones. Such SMS messages are also known as premium-rated short messages (PSMS). Subscribers are charged extra for receiving this premium content, and the amount is typically split between the mobile network operator and the content provider. PSMSs are also increasingly being used for "real-world" services. For example, some vending machines now allow you to pay for items by sending a premium-rated PSMS, so that the cost of the item is added to your phone bill.
Threats
Some SMS security threats include impersonation and unwanted messages, i.e., spam, and a trend among teenagers to send each other suggestive content, called "sexting," has brought new risks to children's privacy and reputation.
Spamming cell phone users through SMS is common. Some companies offer controversial SMS spoofing services that allow users to send messages anonymously. With a masked SMS, you can impersonate someone else by making a message appear to originate from the person's phone. This opens up a whole new world of opportunities for spam and, possibly, mobile fraud or defamation.
In a type of attack, called SMiShing, attackers have put a new face on an old trick, moved from your email to your phone. SMiShing is the SMS version of phishing, where text messages lure victims by stating their account will be closed unless they visit the link to view a website or call back a given number. When users try to access these items, they are prompted for personal information, such as a social security number, driver's license, credit card number, date of birth and other information required to steal your identity.
Another kind of spam via SMS - which can fall under the term SMiShing but does more than steal your personal information - includes a link that downloads a trojan horse to the phone to get data that aids a criminal in identity theft, as well as disrupts your use of the device and even uses it to spam other cell phone users.
References
- CellularOnline
- English Water Company Patches Leaks in Wireless System (SearchNetworking.com)
- Researchers: SMS Attacks Could Cripple Cell Phones (Computerworld)
- SMiShing Phishes for Personal Data over Cell Phone (CNET)
- Teen Sexting Risky Behavior (Charleston.net)
- What is SMiShing / SMS Phishing (Search Mobile Computing)
Print view
Email to a friend
Submit to Reddit
Save to del.icio.us
Submit to Digg.com
Stumble It!