• Wed. Oct 11th, 2023

Unmasking the UAE Postal Services: Exposing the Chinese Group PostalFurious’ Phishing Campaign

Avatar photo

ByEsme Greene

Jul 5, 2023
UAE Postal Services Targeted by Chinese Phishing
Esme Greene
Latest posts by Esme Greene (see all)

Group-IB claims that a recent phishing SMS campaign aimed at consumers in the UAE is connected to the Chinese-language band PostalFurious. Hackers who are participating in the campaign transmit messages on behalf of postal services and toll road operators.

Users are asked to pay tolls in order to avoid more fines via phony SMS texts (smishing), according to the con. To conceal the actual phishing link, the mails also include a truncated URL.

When the victim clicks the link, a phishing payment page that requests personal information (such as name and address) and credit card details in order to process the transaction appears. Starting on April 15, 2023, the campaign is expected to be active. The legitimate name and emblem of a well-known supplier of postal services are used on the phishing pages.

Insights into the Extent and Sophistication of PostalFurious’ Phishing Campaign

It is presently uncertain how extensive the attacks were. It is commonly known that text messages were sent via the iMessage service from Apple using email addresses and phone numbers with Malaysian and Thai registrations.

Because the pages can only be viewed from IP addresses in the UAE, the phishing URLs are geo-limited to avoid detection. Additionally, it was shown that in order to increase their reach, attackers consistently register new phishing domains.

Analysts claim that the second attempt, noticed on April 29, 2023, imitated the UAE postal service.

The activity of the organization indicates a growth in the attacker’s activities from at least 2021, when hackers started focusing on consumers in the Asia-Pacific (APAC) area. PostalFurious’ actions, according to Group-IB, show “the transnational nature of organized cybercrime.”

It is advised to avoid clicking on links or opening attachments received by unknown contacts, to keep software updated, and to adhere to stringent cyber hygiene standards in order to prevent falling victim to such a scam.

Avatar photo

Esme Greene

Esme brings a wealth of knowledge and experience to our website, specializing in all aspects of DarkWeb security. With a deep understanding of the intricate workings of the DarkWeb and its associated cybersecurity risks, Esme curates insightful and informative content for our readers.