MobiPot: Understanding Mobile Telephony Threats with Honeycards

MobiPot: Understanding Mobile Telephony Threats with Honeycards

Over the past decade, the number of mobile phones has increased dramatically, overtaking the world population in October 2014. In developing countries like India and China, mobile subscribers outnumber traditional landline users and account for over 90% of the active population. At the same time, co...

Full description

Saved in:
Bibliographic Details
Main Authors: BALDUZZI, Marco, GUPTA, Payas, GU, Lion, GAO, Debin, AHAMAD, Mustaque
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2016
Subjects:
cybercrime
fraud
scam
mobile
vishing
security
Information Security
Online Access:https://ink.library.smu.edu.sg/sis_research/3572
https://ink.library.smu.edu.sg/context/sis_research/article/4573/viewcontent/asiaccs16.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
Description
Summary:Over the past decade, the number of mobile phones has increased dramatically, overtaking the world population in October 2014. In developing countries like India and China, mobile subscribers outnumber traditional landline users and account for over 90% of the active population. At the same time, convergence of telephony with the Internet with technologies like VoIP makes it possible to reach a large number of telephone users at a low or no cost via voice calls or SMS (short message service) messages. As a consequence, cybercriminals are abusing the telephony channel to launch attacks, e.g., scams that offer fraudulent services and voice-based phishing or vishing, that have previously relied on the Internet. In this paper, we introduce and deploy the first mobile phone honeypot called MobiPot that allow us to collect fraudulent calls and SMS messages. We implement multiple ways of advertising mobile numbers (honeycards) on MobiPot to investigate how fraudsters collect phone numbers that are targeted by them. During a period of over seven months, MobiPot collected over two thousand voice calls and SMS messages, and we confirmed that over half of them were unsolicited. We found that seeding honeycards enables us to discover attacks on the mobile phone numbers which were not known before.

Similar Items