Skip to content
/ smishsmash Public

Proof of concept Android application for detecting smishing messages

redmaple.tech/blogs/smish-smash/

License

GPL-3.0 license
6 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

RedMapleTech/smishsmash

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
app
app
 
 
gradle/wrapper
gradle/wrapper
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.gradle
build.gradle
 
 
gradle.properties
gradle.properties
 
 
gradlew
gradlew
 
 
settings.gradle
settings.gradle
 
 

Repository files navigation

Overview

Proof of concept Android application to inspect the currently stored SMS messages for possible SMS phishing (smishing) messages.

For more, read our accompanying blog.

Inspection Approach

  1. Gets all the messages currently in the SMS inbox.
  2. Look for keywords in the message body that are uniquely attributed to an organisational target. e.g. "Revenue and Customs" for HMRC.
  3. Check if the number is in the phone contacts.
  4. Look for URLs in the message body.
  5. Inspect the URL for keywords associated to an organisation (e.g. "tax", "rebate" for HMRC).
  6. If we have associated the message to a possible organisation, compare the URL to what we'd expect from the organisation. For example, HMRC messages should come from gov.uk domains.

About

Proof of concept Android application for detecting smishing messages

redmaple.tech/blogs/smish-smash/

Topics

android proof-of-concept phishing smishing smishing-detection

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

6 stars

Watchers

0 watching

Forks

2 forks
Report repository

Languages