Yesterday came the SMS from the left number:

"Hi, look cool cool% link%".

Most likely a scammer. The site says that it works only on the mobile Internet. I did not go to him from the mobile Internet.

Is there a difference in the security of the mobile Internet and the usual? then come across such a scheme?

  • Maybe the site only exploits a mobile browser :) - VladD

1 answer 1

Of course have. Some providers have "features" that allow fraudsters to find out a mobile phone number. And in some cases, even quietly sign up for any paid service (for example, described here https://habrahabr.ru/post/196894/ ).

I specifically wrote "features", because in some cases these are real vulnerabilities, and in some it seems like an agreement with a telecom operator, issued as "caring for the user."

On the other hand, home wifi is also not always safe. There are mentions of vulnerabilities that allow you to interact with the router (you open the page in the browser, and it is already a tricky way to knock on the router. The address of the router is usually known and is usually logged in there) and register your settings there (for example, custom dns).

UPD

Remembered, there are still sites, when entering which, it offers to update the flash player or the version of android. And so gently predalgayut click on the buttons. Many on this lead. As a result, the malware is installed on your phone, and what will it do ... and who knows.

  • and nothing that I came from the browser. That is, let them know my IP. Knowing my IP and phone number, what can they do? - Zow
  • they will hardly do something. But the statistics will be recorded. Sometimes such statistics can be very expensive. Once it was a "calculate by ip." Now it seems like the reverse process - we send SMS, the person enters, we recognize his ip :) - KoVadim
  • "expensive" - ​​for example? And I have a dynamic IP - Zow
  • one
    Amounts, I will not say - I do not like this. But for example, let's say that there is a large database where the corresponding ip-number is stored. by ip, you can determine the coordinates, sometimes quite accurately. Now imagine someone scribbling on the forum a fresh comment and happily rubbing their hands. And in a couple of minutes they call him on his mobile ... - KoVadim
  • one
    By dynamic ip, you can determine the provider. And this is also useful information. And if you can enter your personal account without a password, then theoretically, you can create a frame that can “also enter” while you browse the malicious site. And what can be done by going to your personal account .... this is a separate question. Some have real passport data for example. - KoVadim