Experts warn T-Mobile users against rampant SMiShing attacks

T-Mobile SMiShing Cyberattacks Phishing Warning Advisory NJCCIC

Several T-Mobile customers have recently filed reports about being targeted by a new SMS-phishing (SMiShing) campaign that attacks the victims with malicious links using unblockable texts via bulk or group sent messages.

The public warning advisory was released by the New Jersey Cybersecurity & Communications Integration Cell (NJCCIC), an organisation that focuses on cybersecurity incident reporting, threat analysis, and information sharing.

The operators send phishing text messages to the targeted recipients for this campaign, thanking them for paying their T-Mobile bills. The message also encloses a malicious link that, once clicked, the person will be redirected to a supposed gift that they need to accept.

The security officials explained that the links could lead the victims into losing their account credentials and personal data or even have malware installed on their devices.

Similar SMiShing campaigns were also detected last month, wherein the Verizon Wireless and Spectrum customers had been targeted. The campaign impersonated the network carriers via fake texts that seemed to come from the victim’s phone number.

According to the authorities, the operators of the campaign spoof a caller ID to appear like the target receives a text from their phone number – which is a technique that they use to win their attention.


The NJCCIC also added that the new SMiShing campaign targets T-Mobile customers due to past data breach incidents impacting the network carrier and millions of clients.


The network carrier, T-Mobile, has been a constant target of cyberattacks since 2018 when about 3% of their customer data was exposed to hackers. After the first incident, the firm was also attacked by five other data breaches.

Then, in 2019, the network carrier again suffered from a data breach, compromising their prepaid clients’ data; in 2020, the hackers had access to their employees’ corporate accounts and some customer data, such as phone numbers and call records.

Come 2021, the internal application of T-Mobile gets accessed by hackers and had also brute-forced into their network to breach the network carrier’s testing environments. In the latter part of the year, the firm disclosed that the previous data breach caused some threat actors to perform SIM swap attacks on a few customers.

Cybersecurity experts strongly advise avoiding clicking any suspicious links sent via text message from unknown entities to protect against SMS (Short Messaging Service) phishing attacks and compromising your sensitive information. From an update, T-Mobile informed its users that they had improved their filters to block the malicious texts that enclose the unsafe links.

About the author

Leave a Reply