Mostrar el registro sencillo del ítem
'Hey mum, I dropped my phone down the toilet': Investigating Hi Mum and Dad SMS Scams in the United Kingdom
dc.contributor.author | Agarwal, Sharad | |
dc.contributor.author | Harvey, Emma | |
dc.contributor.author | Mariconti, Enrico | |
dc.contributor.author | Suarez-Tangil, Guillermo | |
dc.contributor.author | Vasek, Marie | |
dc.date.accessioned | 2024-10-04T09:19:26Z | |
dc.date.available | 2024-10-04T09:19:26Z | |
dc.date.issued | 2025 | |
dc.identifier.uri | https://hdl.handle.net/20.500.12761/1854 | |
dc.description.abstract | SMS fraud has surged in recent years. Detection techniques have improved along with the fraud, necessitating harder-to- detect fraud techniques. We study one of these where scammers send an SMS to the victim addressing mum or dad, pretend to be their child, and ask for financial help. Unlike pre- vious SMS phishing techniques, successful scammers interact with victims, rather than sending only one message which contains a URL. This recent impersonation technique has proven to be more effective worldwide and has been coined the ‘hi mum and dad’ scam. In this paper, we collaborate with a UK-based mobile network operator to access the initial ‘hi mum and dad’ scam messages and related user spam reports. We then interact with suspicious scammers pretending to be potential victims. We collect 582 unique mule accounts from 711 scammer interactions where scammers ask us to pay more than £577k over three months. We find that scammers deceive their victims mainly by using kindness and distraction principles followed by the time principle. The paper presents how they abuse the services provided by mobile network operators and financial institutions to conduct this scam. We then provide suggestions to mitigate this cybercriminal operation. | es |
dc.language.iso | eng | es |
dc.title | 'Hey mum, I dropped my phone down the toilet': Investigating Hi Mum and Dad SMS Scams in the United Kingdom | es |
dc.type | conference object | es |
dc.conference.date | 13–15 August 2025 | es |
dc.conference.place | Seattle, WA, USA | es |
dc.conference.title | Usenix Security Symposium | * |
dc.event.type | conference | es |
dc.pres.type | paper | es |
dc.type.hasVersion | AM | es |
dc.rights.accessRights | open access | es |
dc.acronym | USENIX-Security | * |
dc.rank | A* | * |
dc.relation.projectName | PARASITE | es |
dc.relation.projectName | COMET | es |
dc.relation.projectName | RYC-GST | es |
dc.description.refereed | TRUE | es |
dc.description.status | inpress | es |