b'YOUR TOOLKIT FOR BUILDING EXCELLENCEvulnerability, new attacks are more likely to target you by SMS or messaging app. This shift follows increased nervousness when opening attachments or clicking links in email. All made worse by AI advances, that make it even harder to detect a threat on a small screen before tapping.Not only does SMS carry text-based phishing risks, but its also vulnerable to on-device malware hijacking 2FA codes in real time. The U.S. government warns users to stop using SMS codes for 2FA, and in recent days we have seen SMS codes intercepted to hijack Nico Chiaraviglio, Zimperiums Chief Scientist, warnsGmail and Outlook accounts. Zimperium highlights that mishing is not just an evolution of traditionalSMS Stealer malware, that is now compromising mobile phishing tacticsit is an entirely newaccounts on more than 600 global services.category of attack engineered to exploit the specificThe FBI, meanwhile, has warned users to delete all capabilities and vulnerabilities of mobile devices,smishing texts given the alarming ramp-up in SMS such as cameras. Our research shows that attackersattacks mimicking brands and local government are increasingly leveraging multiple mobile-specificagencies. As we have seen with recent FBI and police channelsincluding SMS, email, QR codes, and voicewarnings into toll and disaster relief fraud, the ease of phishing (vishing)to exploit user behaviors andmasking a sender ID, using brief text and a shortened expand their attack surface. link to mask a non-typical URL makes it all too easy And whereas email has always been the primaryto lure a user into clicking.Zimperium also notes the geographical targeting of mobile attacks, again as seen with fake toll messages Let our focusing on specific cities and states. Modern cranes set yourmishing campaigns frequently employ geolocation-I trusses for you! based redirection at country or even at the city level, NC.MANUFACTURERS of allowing for highly targeted attacks. This enables LAMINATED TIMBERS precise targeting of specific regions or organizations, and WOOD TRUSSEScomplicates detection by security researchers, increases campaign effectiveness through localization, [and] reduces detection rates.Some of this mandates new user training and awareness, and also strict rules on link and attachment handling. But when it comes to account credentials, there are now multiple reasons to shift from SMS to authentication apps or passkeys. As Microsoft has warned, we only get safer if legacy login methods are removed. So its not just a case of providing new ways to secure accounts, it needs the old ways shut down.Mobile devices have become the primary targets, Zimperium warns. The technical sophistication demonstrated by observed campaigns suggests this trend will continue to accelerate, demanding continued innovation in mobile-specific security controls.Zak Doffman has covered security, surveillance and privacy on Forbes since 2018, focusing on updates from the worlds 717.866.6581 largest tech companies, staying safe on smartphones and www.rigidply.com social media, and the dangers of AI. FRAME BUILDER - VOL6 3 / 9'