5G scam alert: Researchers warn against rising 4G to 5G SIM upgradation frauds


Cybersecurity researchers have warned against 4G to 5G SIM upgradation phishing scams in India. Security company Check Point said that scammers have been posing as customer care executives of the respected telecom service providers, offering assistance to customers for upgrading their SIM cards from 4G to 5G. Their modus operandi is to send phishing links to coerce victims into disclosing personal and financial information.
Such scams have also been reported by police departments of various states. A tweet from the Mumbai Police informed followers of a new scam in which scammers demand money from victims in exchange for assistance in upgrading to 5G. The Twitter account for the Pune City Police, Gurugram police department and Hyderabad Cyberabad (cybercrime unit) department have also issued similar caution. Security agencies have asked citizens to refrain from providing their OTPs to any telemarketers because doing so could result in their bank accounts getting wiped out.
“We have observed a spike in the spread of SMS Phishing, which uses SMS messages as the attack vector for malware distribution. Using SMS messages as an attack vector may seem rudimentary, but just like email phishing, they are extremely efficient. These attempts often imitate trusted brands or personal contacts to entice the victim to click on a link or share personal details in confidence. This method has proven particularly successful as after one device has been compromised, its entire contact list is up for grabs, creating an endless cycle of possible victims,” says Sundar Balasubramanian, Managing Director at Check Point Software, India & SAARC.
To avoid becoming a victim of such phishing scam, the company has following tips:
* Enable two-factor authentication: Sign into your accounts with both a password and one other method. It could be a question, biometric data or a one-time code sent to your device.
* Use strong passwords: Using the same keyword for everything, or simple combinations such as “123456” or “password”, is making it too easy for cybercriminals. There are now a multitude of platforms that can generate strong, difficult-to-guess passwords with upper- and lower-case letters, numbers and symbols.
* Learn how to recognize phishing: When an attacker sends a phishing email, there are usually some common identifiable traits such as misspellings or the fact that it asks for credentials to be entered. A company will never ask for a customers’ credentials on email. If in doubt, always go to the official page or platform of the company you want to access.
* Always keep software updated: It is always advisable to update your devices to the latest version of the software.



Read original article here

Denial of responsibility! TechnoCodex is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.

Leave a comment