T-Mobile has issued a warning to its customers about an unblockable smishing campaign that seeks to steal personal information and passwords, as well as install malware.
T-Mobile issued the warning after the New Jersey Cybersecurity / Communications Integration Cell (NJCCIC), a division of the Office of Homeland Security and Preparedness that focuses on cybersecurity threat analysis and incident reporting, notified the firm.
“Multiple” customers contacted the NJCCIC after receiving group SMS messages purporting to be from T-Mobile. The letter praised the recipient for paying their bills on time and offered a free “present,” which could be claimed by clicking on the linked web link.
The group message was sent to numerous numbers, at random, the NJCCIC says, with the victims being targeted “dozens of times” over the span of three days. Given that these are group texts, the victims were unable to block the attacker.
BleepingComputer reminds that, in the past four years, T-Mobile has disclosed a total of seven data breaches.
The NJCCIC speculates that the smishing campaign was likely made possible due to previous data breaches affecting the mobile carrier and millions of its users.
In 2018, data belonging to 3% of the company’s customers was accessed. And a year later, T-Mobile exposed the data belonging to some of its pre-paid customers.
In 2020, meanwhile, T-Mobile employees’ email accounts were compromised, and phone numbers and call records were accessed by unauthorized third parties.
Last year wasn’t devoid of incident, either, with a threat actor compromising T-Mobile’s network through its testing environment, and using the stolen information to launch SIM swap attacks.
News Summary:

source