Technology News
English Edition

Advanced SMS Phishing Attacks Targeting Android-Based Smartphones: Check Point

Check Point researchers said certain Samsung phones are the most vulnerable to this form of phishing attack.

By Indo-Asian News Service | Updated: 5 September 2019 18:57 IST
Advanced SMS Phishing Attacks Targeting Android-Based Smartphones: Check Point
Click Here to Add Gadgets360 As A Trusted Source As A Preferred Source On Google
Highlights
  • Check Point said a variety of Android smartphones are affected
  • Certain Samsung phones are said to be most vulnerable
  • Samsung has issued a fix in its May security release
Advertisement

A security flaw in Samsung, LG, Sony, Huawei and other Android smartphones has been discovered that leaves users vulnerable to advanced SMS phishing attacks, Check Point Research -- the threat intelligence arm of cybersecurity firm Check Point Software Technologies Ltd. said on Thursday.

Researchers at the cybersecurity firm said certain Samsung phones are the most vulnerable to this form of phishing attack because they do not have an authenticity check for senders of Open Mobile Alliance Client Provisioning (OMA CP) messages.

"Given the popularity of Android devices, this is a critical vulnerability that must be addressed. Without a stronger form of authentication, it is easy for a malicious agent to launch a phishing attack through over-the-air (OTA) provisioning.

"When the user receives an OMA CP message, they have no way to discern whether it is from a trusted source. By clicking 'accept', they could very well be letting an attacker into their phone," Slava Makkaveev, Security Researcher, Check Point Software Technologies, said in a statement.

The affected Android phones use OTA provisioning, through which cellular network operators can deploy network-specific settings to a new phone joining their network.

However, researchers at Check Point found that the industry standard for OTA provisioning -- the OMA CP, includes limited authentication methods and remote agents can exploit this to pose as network operators and send deceptive OMA CP messages to users.

The message tricks users into accepting malicious settings that route their Internet traffic through a proxy server owned by the hacker.

The findings were disclosed to the affected vendors in March; Samsung included a fix addressing this phishing flaw in their Security Maintenance Release for May (SVE-2019-14073), LG released their fix in July (LVE-SMP-190006), and Huawei is planning to include UI fixes for OMA CP in the next generation of Mate series or P series smartphones.

However, Sony refused to acknowledge the vulnerability, stating that their devices follow the OMA CP specification.

Comments

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: Android, Samsung, LG, Huawei, Sony, Check Point, SMS, Hack
OnePlus 7 Pro Gets Wide-Angle, Telephoto Video and More Features in Android 10 Open Beta
How Apple Uses Its App Store to Copy the Best Ideas

Related Stories

Advanced SMS Phishing Attacks Targeting Android-Based Smartphones: Check Point
Comment
Facebook Gadgets360 Twitter Share Tweet Snapchat LinkedIn Reddit Comment google-newsGoogle News

Advertisement

Featured
Follow Us
Latest Videos
More Videos
Tech News in Hindi
More Technology News in Hindi

Advertisement

Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Top OTT Releases of the Week: Kantara Chapter 1, Lokah Chapter 1, Idli Kadai, and More
  2. iQOO Neo 11 With Snapdragon 8 Elite SoC Launched: Price, Specifications
  3. Realme GT 8 Pro Will Launch in India in November With This Chipset
  4. Reliance Offers Free 18-Month Google AI Pro with Gemini, Veo to Jio Users
  5. Gemini 3 AI Model Will Be Released Soon, Says Google CEO Sundar Pichai
  6. Vivo X300 Series With 200-Megapixel Zeiss Camera Launched Globally
  7. Canva Brings Revamped Video Editor, New AI Tools and a Marketing Platform
  8. Samsung Galaxy S26 Series Teased to Launch With These Notable Upgrades
#Latest Stories
  1. Apple CEO Reportedly Confirms Partnership Plans Beyond OpenAI; Revamped Siri Expected to Launch in 2026
  2. Scientists May Have Finally Solved the Sun’s Mysteriously Hot Atmosphere Puzzle
  3. Vivo X300 Series Launched Globally With 200-Megapixel Zeiss Camera, Up to 6.78-Inch Display: Price, Features
  4. Canva Introduces Revamped Video Editor, New AI Tools and a Marketing Platform
  5. Thode Door Thode Paas OTT Release Date: Know When and Where to Watch it Online
  6. Blackmail Now Streaming Online: Know Where to Watch This Tamil Crime Thriller Movie
  7. Eva Husson’s Playdate OTT Release Date: When and Where to Watch it Online?
  8. Raj Tarun's Chiranjeeva OTT Release Date: When and Where to Watch it Online?
  9. Bitchat Becomes Jamaica’s Go-to App as Hurricane Melissa Cripples Communication
  10. Google Maps Is Reportedly Developing a New Power Saving Mode for Navigation
Gadgets 360 is available in
Follow Us
Download Our Apps
App Store App Store
Available in Hindi
App Store
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.
Trending Products »
Latest Tech News »