Cyber-criminals leveraging AWS, Google, and IBM services to steal data through SMS communication

Cyber-criminals leveraging AWS, Google, and IBM services to steal data through SMS communication

SMS fraudsters are using popular cloud platforms like AWS, Google Cloud, and IBM Cloud Services to trick users into visiting malicious websites and steal their information, according to an investigation by Enea, a telecoms and cyber software specialist. These attackers are sending text messages with links to static websites hosted on these cloud platforms, bypassing firewall restrictions and redirecting users to spam URLs without their knowledge.

By embedding spam URLs in static websites stored in cloud storage buckets, cybercriminals are able to deceive users into revealing their personal and financial information. The scam works by sending SMS messages with authentic-looking links that lead users to these static websites, which then automatically redirect them to fraudulent sites designed to trick them into giving up sensitive data.

To combat these SMS scams, Enea suggests analyzing traffic behavior and using user behavior patterns to detect and block suspicious activity. By understanding how URLs linking to storage platforms are typically used in normal circumstances, such as sharing files or photos with a small group of individuals, security professionals can identify and address potentially malicious behavior. Monitoring metrics like traffic volume, content, and behavioral patterns can help detect and mitigate these threats.

In conclusion, SMS fraudsters are exploiting cloud platforms to deliver text messages with malicious links, ultimately redirecting users to fraudulent websites in order to steal their information. To counter these attacks, organizations can analyze traffic behavior and user patterns to detect and block suspicious activity effectively. By staying vigilant and implementing robust security measures, businesses can protect their customers from falling victim to these SMS scams.

Article Source
https://www.mobileeurope.co.uk/cyber-criminals-using-aws-google-and-ibm-services-to-steal-data-by-sms/