Group-IB says that a recent phishing SMS campaign aimed at consumers in the UAE is connected to the Chinese-speaking group PostalFurious. The hackers taking part in the campaign send messages posing as postal services and toll road operators.
Under the scheme, phony SMS texts (smishing) ask users to pay tolls in order to avoid additional fines. To conceal the actual phishing link, the messages also include a shortened URL.
When the victim clicks the link, a phishing payment page appears that requests personal information (such as name and address) and credit card details in order to process the transaction. The campaign is believed to have been active since April 15, 2023. The phishing pages use the legitimate name and emblem of a well-known supplier of postal services.
Insights into the Extent and Sophistication of PostalFurious’ Phishing Campaign
It is presently uncertain how extensive the attacks were. It is known that the text messages were sent via Apple's iMessage service using email addresses and phone numbers with Malaysian and Thai registrations.
To avoid detection, the phishing URLs are geofenced: the pages can only be viewed from IP addresses in the UAE. Additionally, the attackers were observed consistently registering new phishing domains in order to increase their reach.
Analysts say that a second attempt, noticed on April 29, 2023, imitated the UAE postal service.
The group's activity indicates an expansion of operations that date back to at least 2021, when the hackers started focusing on consumers in the Asia-Pacific (APAC) area. PostalFurious’ actions, according to Group-IB, show “the transnational nature of organized cybercrime.”
To avoid falling victim to such a scam, it is advised not to click on links or open attachments received from unknown contacts, to keep software updated, and to adhere to stringent cyber hygiene standards.
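For teams that triage reported messages, the traits described in this article (a sender that is an email address or a Malaysian or Thai number, a toll or postal lure, and a shortened link) can be combined into a simple score. The following is an added example, not code from Group-IB's report; the keyword list, shortener list, threshold and sample messages are assumptions constructed for illustration.

```python
import re

# Assumed lists for illustration; "short.example" is a constructed placeholder.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "short.example"}
LURE_WORDS = re.compile(
    r"\b(toll|tolls|fine|fines|parcel|package|delivery|postal)\b", re.I)
URL_RE = re.compile(r"https?://([^/\s:]+)", re.I)
# Calling codes: +60 Malaysia, +66 Thailand (sender origins named in the article).
FOREIGN_PREFIXES = ("+60", "+66")
THRESHOLD = 3  # assumed: all three trait groups must match


def triage(sender: str, body: str) -> dict:
    """Return the matched traits and a verdict for one reported message."""
    traits = []
    if "@" in sender:
        # iMessage allows an email address as the sender identity.
        traits.append("sender_is_email")
    elif sender.startswith(FOREIGN_PREFIXES):
        traits.append("sender_foreign_number")
    hosts = [h.lower().removeprefix("www.") for h in URL_RE.findall(body)]
    if any(h in SHORTENERS for h in hosts):
        traits.append("shortened_url")
    if LURE_WORDS.search(body):
        traits.append("toll_or_postal_lure")
    return {"traits": traits, "suspicious": len(traits) >= THRESHOLD}


# Constructed sample messages (senders, text and links are not real).
SAMPLES = [
    ("notice.0000@mail.example",
     "Your vehicle has an unpaid toll. Pay now to avoid fines: "
     "https://short.example/aaaa"),
    ("+60000000000",
     "Your parcel is on hold. Confirm your delivery address: "
     "https://short.example/bbbb"),
    ("+971000000000", "Your toll account was topped up. Thank you."),
]


def run_samples() -> list:
    """Triage every constructed sample and return the results in order."""
    return [triage(sender, body) for sender, body in SAMPLES]


if __name__ == "__main__":
    for (sender, _), result in zip(SAMPLES, run_samples()):
        print(sender, result)
```

A match here is a reason to escalate a report for review, not proof of phishing, since each trait on its own also appears in legitimate messages.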