Researchers have discovered a new SMS phishing campaign targeting mobile numbers in the United States aiming to steal online banking credentials and install the Emotet malware wherever possible.
SMS phishing campaigns, also known as smishing, follows a straightforward recipe. Victims receive an SMS message with an embedded link, sending them to a malicious site. Sometimes, it’s just a phishing scheme, with attackers looking to steal credentials. But the same platform can be used to trick people into installing malware, which could serve a variety of purposes, including transforming the device into a bot for other attacks.