The expert gave tips on protection from SMS-bombing

SMS bombing remains one of the most common psychological pressure schemes that attackers use to further fraud and gain access to user accounts. On April 30, an information security expert from Kontur companies told Izvestia about how to protect themselves from this.Aegis" and Maxim Chepliev's Staffcop.

"The attack scheme is quite simple: attackers massively initiate sending messages to one phone number through registration, password recovery, login confirmation, delivery and other online services. Automated scripts, bots, and special mailing panels are used for this purpose. In this case, most often we are not talking about technical hacking, but about the abuse of legal mechanisms for confirming a phone number," he explained.

The expert said that SMS bombing differs from regular spam both in purpose and intensity. If spam is sent out en masse and most often contains advertisements or fraudulent offers, then in the case of SMS bombing, the attack is directed at a specific person. In a short period of time, he may receive dozens or even hundreds of messages from various services.

The main goal of intruders is to create a state of anxiety and irritation in the victim. Against the background of a constant stream of notifications, a person loses concentration and becomes more vulnerable to manipulation. That is why, after a series of messages, a call is often received from an alleged bank employee, telecom operator, or support service.

During such a conversation, scammers can convince the user that his account has been attacked and for protection it is urgently necessary to provide an SMS code, confirm identity, provide bank card details or transfer account login information.

Logged out of the chat: fraud in foreign messengers has decreased significantly

What measures have affected this and what new tricks can be expected from intruders?

The expert emphasizes that SMS bombing by itself does not allow hacking an account directly. However, it creates conditions under which the user can independently transfer access to their services to intruders or confirm a fraudulent operation.

An additional danger is that among the large number of messages, you may miss a really important notification about an attempt to log in to your account or change your password.

According to the expert, sometimes such activity may indirectly indicate a phone number leak from one of the services where the user previously left his data. If the number is linked to banking applications, messengers, or government services, this increases the risk of further attacks.

When faced with such a situation, the expert recommends staying calm, not following the instructions of unknown persons, not clicking on links from messages and not telling anyone the confirmation codes. Instead, you should independently check the security of your accounts through official applications or service websites.

"For prevention, it is recommended to use two-factor authentication, set unique passwords for different services and update them regularly. This significantly reduces the likelihood that such an attack will develop into a full—fledged hack," the expert concluded.

On April 29, it became known about a new fraud scheme in which attackers, posing as the leaders of future victims, create fake work chats in messengers and add the user and his colleagues there. It is noted that in the correspondence they propose to undergo a "digitalization of work experience" to confirm personal data and gain access to "Public Services".