Technology @lemmy.world fne8w2ah @lemmy.world 5 mo. ago

Two men arrested for creating illegal telephone mast in the UK

www.datacenterdynamics.com Two men arrested for creating illegal telephone mast in the UK

The mast was used to send thousands of smishing text messages to the public

32 comments

Smishing is a phishing cybersecurity attack carried out over mobile text messaging. It's also known as SMS phishing.

I had never heard that term before. Is it just a UKism, or am I one of today's lucky 10,000?
- Not just UK. It’s a stupid term that organizations use in cybersecurity trainings but no one else uses.
  
  Yeah, I had to do a security cert last year and it had a bunch of made up sounding crap like that.
  
  It feels like one of those where the people that have expertise enough to name new things are not experts in naming things.
- "Smishing" sounds like kiwi slang for playing Smash Bros
  
  We were smishing in the shid!
  
  At the beginning of Smash Bros Ultimate, some people jokingly tried to make "Smush" a thing (since the previous, fourth game, officially Super Smash Bros for 3DS/for Wii U, was often referred to as Sm4sh for short).
- Yup, those are both the industry terms
- I've worked in IT for 15 years and it's the first time I've heard SMS phishing condensed to smishing. But I specialize in servers and server security, so I'm not too surprised it's a thing.
  
  We're forced to take a cybersecurity online course every year, and I'm constantly confused at what the terms are supposed to mean. Like why is spear phishing a thing? Why do we need specialized terms for every conceivable variation of a concept?
  
  Let's just stick with basic terms:
  
  malware - malicious software
  
  social engineering - covers calls, texts, emails, etc designed to get access to something they shouldn't
  
  cracking - breaking cryptography
  
  security hacking - breaking secure systems by exploiting bugs, such as zero-days or unpatched systems, usually to get privilege escalation
  
  I may be missing a couple, but I think most cybersecurity concepts can fit in one of those categories.
  
  Open Source Security Podcast with Josh Bresher and Kurt Sigfried. It's a pretty good source of news and discussion from a sysadmin perspective.
- When I first read they were sending smishing texts I thought hey this is neat, some kind of kink that I can spend the day learning about, but then I read about the sms phising thing and was disappointed.
- Permanently Deleted
- Always wonder if this is a state actor
  
  Huayong Xu Is the name listed
- So is original phishing supposed to be over the phone? Like it's the email game called emishing or something?
  
  When they send the emails at night, it's called nocturnal emishing. It's a serious problem that affects thousands of people each night.
  
  No, phone phishing is phphishing.
  
  Nah phishing is a 90s term though probably coined in reference to phreaking. That started up in the 60s and by the 80s even the US had mostly switched to out of band signalling for their telephone system so none of the stuff worked any more.
Permanently Deleted
He installed a fake antenna? like a fake cellular radio tower? how is it possible that phones just randomly trust this antenna? they explain very little in the article.
- https://en.m.wikipedia.org/wiki/IMSI-catcher
  
  lovely, and my phone won't let me block 2G.
- Short answer: security through obscurity
I've always wanted to broadcast encrypted signals from a ham radio out of the back of a van parked next to a nuclear power station.
Eintelefonmast!
- c/randomGerman

You've viewed 32 comments.