SMS message saying bank details on the internet are malicious

Filed Under: Malware, Mobile, SophosLabs

SophosLabs has received a disturbing report from a UK Local Government customer which we feel need a wider audience.

People are receiving SMS messages saying that their bank details are on the internet. These text messages are 100% malicious in nature and users should not follow the links.

The report from the local government states:

The user received an SMS message to say that his bank account details had been posted on the Internet and gave him a URL to go to. He attempted to access the site using a library PC but failed and queried the librarian about the security on the PC who raised a support call with us.


The obfuscated script inserts an iframe which attempts to download malware which Sophos blocks.

I haven't seen details of a scam like this before and have looked for a site on which to report it without success. I'm assuming you'll know what to do with it.

So, what are we at SophosLabs doing about it?

  • Making the general public aware of this malicious attack
  • Adding detection and blocking for the malicious website
  • Making samples available for security professionals via the usual channels

SophosLabs will be publishing detection for the malicious website as Troj/Iframe-BS and the malware that Sophos already blocked was detected as Troj/PDFJs-B.

You might like

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s