A Review of Smishing Attaks Mitigation Strategies

Authors

  • David Ng’ang’a Njuguna Department of Information Technology, Mount Kenya University, Thika, Kenya
  • John Kamau Department of Information Technology, Mount Kenya University, Thika, Kenya
  • Dennis Kaburu Department of Information Technology, Jomo Kenyatta University of Agriculture and Technology, Juja, Kenya

DOI:

https://doi.org/10.24203/ijcit.v11i1.201

Keywords:

phishing; Social engineering; vishing; SMS; malware; mobile applications; awareness

Abstract

Mobile Smishing crime has continued to escalate globally due to technology enhancements and people's growing dependence on smartphones and other technologies. SMS facilitates the distribution of crucial information that is principally important for non-digital savvy users who are typically underprivileged. Smishing, often known as SMS phishing, entails transmitting deceptive text messages to lure someone into revealing individual information or installing malware. The number of incidences of smishing has increased tremendously as the internet and cellphones have spread to even the most remote regions of the globe.

References

F. Mouton, L. Leenen and H. S. Venter, "Social Engineering Attack Detection Model: SEADMv2," 2015 International Conference on Cyberworlds (CW), 2015, pp. 216-223, doi: 10.1109/CW.2015.52.

R.Thomas, Peltier. Social engineering: concepts and solutions. Information system Security 2006;15(5):13-21, DOI: 10.1201/1086.1065898X/46353.15.4.20060901/9547.3

Newindianexpress.com, "Increasing cybercrime: UN reports 350 percent rise in phishing websites during the pandemic. The New Indian Express," 8 August 2020. [Online]. Available: https://www.newindianexpress.com/business/2020/aug/08/increasing-cybercrime-un-reports-350-per-cent-rise-in-phishing-websites-during-pandemic-2180777.html. [Accessed 8 July 2021].

M. ARAB and M. K. SOHRABI, "Proposing a new clustering method to detect phishing websites," Turkish Journal of Electrical Engineering & Computer Sciences, pp. 4757-4767, 2017.

Datareport.com, "Digital 2020: Global Digital Overview-DataReport-Global Digital Insight," 30 January 2020. [Online]. Available: https://datareportal.com/reports/digital-2020-global-digital-overview. [Accessed 11 June 2021].

S. Mishra and D. Soni, "DSmishSMS-A System to Detect Smishing SMS," Neural Computing and Applications, 2021

M. Baglia, "Text Marketing Vs. Email Marketing: Which One Packs a Bigger Punch? [Infographic]-Business2Community," 30 June 2015. [Online]. Available: https://www.business2community.com/infographics/text-marketing-vs-email-marketing-one-packs-bigger-punch-infographic-01249186. [Accessed 15 June 2021].

Callhub.io, ". 6 reasons why SMS is more effective than email marketing||CallHub," 10 August 2016. [Online]. Available: https://callhub.io/6-reasons-sms-effective-email-marketing/. [Accessed 17 June 2021].

MCAfee.com, "Protect yourself from smishing|McAfeeBlog," 22 February 2012. [Online]. Available: https://www.mcafee.com/blogs/consumer/family-safety/protect-yourself-from-smishing/. [Accessed 17 June 2021].

J. Haley, "Protect yourself from smishing (video)," 15 August 2012. [Online]. Available: https://www.cnet.com/tech/services-and-software/protect-yourself-from-smishing-video/. [Accessed 10 May 2021]

M. LAUDON, "Mobile Phishing Increases More Than 300% as 2020 Chaos Continues," 2 November 2020. [Online]. Available: https://www.proofpoint.com/us/blog/threat-protection/mobile-phishing-increases-more-300-2020-chaos-continues. [Accessed 10 May 2021].

L. Irwin, "Catches of the month: Phishing scams for October 2020," 7 OCTOBER 2020. [Online]. Available: https://www.itgovernance.co.uk/blog/catches-of-the-month-phishing-scams-for-october-2020. [Accessed 11 June 2021].

Kaspersky.com, "What is Smishing and How to Defend Against it," 2021. [Online]. Available: https://www.kaspersky.com/resource-center/threats/what-is-smishing-and-how-to-defend-against-it. [Accessed 9 10 2021].

B. Muscio, "Smishing Attacks Increased by 328% in 2020!-4iT-Your IT Support Department," 17 march 2021. [Online]. Available: https://4it.com.au/2021/03/17/smishing-attacks-increased-by-328-in-2020/. [Accessed 11 June 2021].

S. Raman, K. Streff and Y. Wang, "Smartphone Security Challenges" in Computer, vol. 45, no. 12, pp. 52-58, 2012. doi: 10.1109/MC.2012.288

D. Peraković, S. Husnjak, and V. Remenar, “Research of Security Threats in the Use of Modern Terminal Devices,” presented at the 23rd International DAAAM Symposium Intelligent Manufacturing & Automation: Focus on Sustainability, 2012

R. Alabdan, “Phishing Attacks Survey: Types, Vectors, and Technical Approaches,” Future Internet, vol. 12, no. 10, p. 168, Sep. 2020.

B. Parnika and B. Kamlesh, "A Survey on Various Threats and Current State of Security in Android Platform," ACM Computing surveys, vol. 52, no. 1, pp. 1-35, 2019.

T. Spring, "Mobile Adware Booms, Online Banks Become Prime Target for Attacks|Threatpost," 1 March 2021. [Online]. Available: https://threatpost.com/mobile-adware-booms-attacks/164386/. [Accessed 9 September 2021].

V. KOULIARIDIS, K. BARMPATSALOU, G. KAMBOURAKIS and S. CHEN, "A Survey on Mobile Malware Detection Techniques," IEICE Transactions on Information and Systems, vol. E103.D, no. 2, pp. 204-211, 2020.

A. Burris, "G DATA Mobile Malware Report 2019: New high for malicious Android apps," June 2020. [Online]. Available: https://www.gdatasoftware.com/news/g-data-mobile-malware-report-2019-new-high-for-malicious-android-apps. [Accessed 24 June 2021].

V. Chebyshev, "Mobile malware evolution 2020|securelist," 01 March 2021. [Online]. Available: https://securelist.com/mobile-malware-evolution-2020/101029/. [Accessed 09 September 2021].

E. Chickowski, "Cybercrime: A Black Market Price List From The Dark Web," March 2016. [Online]. Available: https://www.darkreading.com/cloud/cybercrime-a-black-market-price-list-from-the-dark-web. [Accessed 10 July 2021].

G. Delac, M. Silic, and J. Krolo, "Emerging security threats for mobile platforms," 2011 Proceedings of the 34th International Convention MIPRO, 2011, pp. 1468-1473.

W. Jeon, J. Kim, Y. Lee, and D. Won, “A Practical Analysis of Smartphone Security,” in Human Interface and the Management of Information. Interacting with Information. Human Interface,2011. Lecture Notes in Computer Science, vol 6771. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21793-7_35

R. Alabdan, “Phishing Attacks Survey: Types, Vectors, and Technical Approaches,” Future Internet, vol. 12, no. 10, p. 168, Sep. 2020 [Online]. Available: http://dx.doi.org/10.3390/fi12100168

F. Parker, J. Ophoff, J. Van Belle and R. Karia, "Security awareness and adoption of security controls by smartphone users," 2015 Second International Conference on Information Security and Cyber Forensics (InfoSec), 2015, pp. 99-104, doi: 10.1109/InfoSec.2015.7435513

G. Ali, M. Ally Dida, and A. Elikana Sam, “Evaluation of Key Security Issues Associated with Mobile Money Systems in Uganda,” Information, vol. 11, no. 6, p. 309, Jun. 2020

L. Wu, X. Du and J. Wu, "MobiFish: A lightweight anti-phishing scheme for mobile phones," 2014 23rd International Conference on Computer Communication and Networks (ICCCN), 2014, pp. 1-8, doi: 10.1109/ICCCN.2014.6911743M

G. Sonowal and K. S. Kuppusamy, "SmiDCA: An Anti-Smishing Model with Machine Learning Approach," The Computer Journal, vol. 61, no. 8, pp. 1143-1157, 2018.

J. W. Joo, S. Y. Moon, S. Singh, and J. H. Park, "S-Detector: an enhanced security model for detecting Smishing attack for mobile computing.," Telecommunication Systems, vol. 66, pp. 29-38, 2017

K. Yadav, P. Kumaraguru, A. Goyal, A. Gupta, and V. Naik, "Smsassassin: crowdsourcing driven mobile-based system for SMS spam filtering

G. Bottazzi, E. Casalicchio, D. Cingolani, F. Marturana, and M. Piu, "MP-Shield: A Framework for Phishing Detection in Mobile Devices," 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing, 2015, pp. 1977-1983, doi: 10.1109/CIT/IUCC/DASC/PICOM.2015.293.

S. Mishra and D. Soni, "A Content-Based Approach for detecting Smishing in Mobile Environment.," in International Conference on Sustainable Computing in Science, technology, and management(SUSCOM). Jaipur: Amity University Rajasthan, Jaipur, 2019.

A. Ghourabi, M. A. Mahmood, and Q. M. Alzubi, “A Hybrid CNN-LSTM Model for SMS Spam Detection in Arabic and English Messages,” Future Internet, vol. 12, no. 9, p. 156, Sep. 2020

P. K. Roy, J. P. Singh, and S. Banerjee, "Deep learning to filter SMS Spam, ISSN 0167-739X," Future Generation Computer Systems, vol. 102, pp. 524-533, 2020.

K. Jain and B. B. Gupta, "Rule-Based Framework for Detection of Smishing Messages in Mobile Environment," in 6th International Conference on Smart Computing and Communications, ICSCC 2017, 7-8, Kurukshetra, India, 2018.

D. Goel and A. K. Jain, "Smishing-Classifier: A Novel Framework for Detection of Smishing Attack in Mobile Environment," in International Conference on Next Generation Computing Technology, Singapore, 2018.

G. Sonowal, “Detecting Phishing SMS Based on Multiple Correlation Algorithms”. SN COMPUT. SCI. 1, 361 (2020). https://doi.org/10.1007/s42979-020-00377-8

Downloads

Published

2022-03-05

How to Cite

Njuguna, D. N. ., Kamau, J. ., & Kaburu, D. . (2022). A Review of Smishing Attaks Mitigation Strategies. International Journal of Computer and Information Technology(2279-0764), 11(1). https://doi.org/10.24203/ijcit.v11i1.201