SMS Cybercrime: A DNS Perspective

Why Attend Speakers Register

As email protection has increased, criminals have moved to attack users through SMS and other text messaging services. The cost to consumers of SMS scams alone was $330 million in the US last year, double that of 2021; this is not to mention phishing for credentials and distribution of malware. Additionally, Infoblox has seen a steady rise of attacks against Multi-Factor Authentication (MFA) via SMS since mid-2022. Over the last 6 months, Infoblox has detected 60-130 MFA “lookalike” domains every week, and we know that recent high-profile attacks on Retool and MGM involved MFA account takeovers. Finally, to evade detection, actors are using malicious link shorteners to hide their true intent. Infoblox recently published original research on Prolific Puma, a DNS threat actor who controls a massive network of domains and supports the criminal economy. This work was reported by Krebs on Security, Darknet Diaries, Bleeping Computer, and many other outlets.

Join this Infoblox webinar and learn how Infoblox detects threats that are used in SMS attacks.

We will cover:

How Infoblox discovered Prolific Puma where others did not, and how blocking threats like Prolific Puma at DNS resolution disrupts the cybercriminal economy

How Infoblox discovered the DNS threat actor Open Tangle, which uses SMS and lookalike domains to steal consumer credentials

How Infoblox detects and tracks other DNS threat actors, including the multiple Chinese threat actors currently targeting text messaging apps and the US postal service

Trends that Infoblox sees in MFA SMS phishing activities, including common targets and TTPs

Cybersecurity awareness training alone will not protect consumers and organizations from the onslaught of attacks being levied through SMS and texting apps. This webinar will show you what is happening and why DNS detection and response matters in combating SMS cybercrime.

Meet the Presenters

Cricket Liu

Chief DNS Architect, Infoblox

Cricket is one of the world’s leading experts on the Domain Name System (DNS), and serves as the liaison between Infoblox and the DNS community. Before joining Infoblox, he founded an Internet consulting and training company, Acme Byte & Wire, after running the hp.com domain at Hewlett-Packard. Cricket is a prolific speaker and author, having written a number of books including “DNS and BIND,” one of the most widely used references in the field, now in its fifth edition.

Chris Usserman

Director, Security Architecture, Infoblox

Chris Usserman advises government agencies globally about the benefits of protective DNS and related regulations. His expertise, spanning over 30 years in the U.S. intelligence community, not only contributes to the U.S. Government’s security efforts but also fosters collaborations to bolster security across various sectors and communities of interest. Chris’s profound insights have earned him invitations to speak on DNS and cybersecurity at numerous esteemed international conferences.

Renée Burton

Head of Threat Intelligence, Infoblox

Dr. Renée Burton is the Head of Threat Intelligence at Infoblox, where she leads the company’s global team that specializes in the creation of original intelligence. A DNS expert, Dr. Burton spent 22 years at the National Security Agency (NSA) and holds a PhD in mathematics. Dr. Burton is an avid believer in DNS as both an important control point within a network and a source to hunt threats that escape the perimeter devices.

Ross Gibson

Co-Author: The Hidden Potential of DNS in Security

Ross Gibson is a practicing DNS expert and co-author of the recently published book The Hidden Potential of DNS in Security (available now on Amazon). He regularly advises clients worldwide on a variety of topics including DNS security, DNS architecture, and global server load balancing (GSLB), among others. Ross has spent more than 20 years working in the networking industry, 14 of which have been focused on DNS.

Laura da Rocha

Senior Data Scientist, Infoblox

Laura da Rocha is a Sr. Data Scientist at the Threat Intelligence Group at Infoblox, where she focuses on using statistical methods to identify threats relevant to DNS. For the past 4 years she has analyzed billions of DNS records to automate threat detection and false positive reduction. She has a Bachelor’s degree in statistics and is finalizing her Master’s degree in computer science.

Brent Eskridge, PhD

Staff Threat Hunting Specialist, Infoblox

Brent Eskridge, PhD, is a Staff Threat Hunting Specialist with over 25 years of experience in the field. He has held positions as a software engineer, university professor, and, most recently, a threat intelligence analyst. Brent is currently a member of Infoblox’s Threat Intelligence Group, which provides customers with intelligence needed to block the newest threats. He has a doctorate in computer science.