Sign up to our newsletter
Technically it’s not SMS Phishing… but it’s close:
The strength of this phishing technique (on the cybercriminal side) is that the victim is enticed to go to a web page and put in your 15 or 17 digit IMEI number, or International Mobile Equipment Identity along with other identifying information.
This number is intended to reduce the effect of mobile phone theft. According to wikipedia the number is usually found printed inside the battery compartment of the phone and can also be displayed on the screen of the phone by entering *#06# into the keypad on most phones. This number is different than the SMS chip number found on GSM technology phones. SMS chips can be swapped out, but the IMEI number is sort of like your phone’s Social Security Number: it’s locked to a specific handset.
I would expect phone based phishing to take advantage of this trend as well so be wary of anyone calling you and asking for cell phone identifying numbers. You may think that this wouldn’t be targeted because it’s a little hard to dial the keypad or peel back the battery while you’re on the phone but some models will display the information right on the screen.
Securing Our eCity Contributing Writer
Author ESET Research, ESET