AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

PostalFurious: new phishing SMS campaign targets users in UAE

Scam masquerading as postal services and toll operators aims to steal personal data and payment credentials through fake text messages

This pill is also available in Italian language

A Chinese phishing group named PostalFurious has been associated with a new SMS campaign targeting users in the UAE. This campaign is posing as postal services and toll operators, according to Group-IB, a Singapore-based cybersecurity company. The fraudulent tactic used includes sending bogus text messages demanding users to pay a fare for a car ride, with the threat of additional fines if the request is not complied with. To disguise the real phishing link, the messages include a shortened URL.

Details of the elaborate phishing scheme

By clicking on the link provided in the message, unsuspecting recipients are redirected to a fake landing page designed to capture users' personal details and payment credentials. This campaign is estimated to have been running since April 15, 2023. "Messaging URLs lead to fake branded payment pages that ask for personal details, such as name, address and credit card information," Group-IB said. Phishing pages misuse the official name and logo of the imitated postal service.

The attempt to remain hidden and the expansion of PostalFurious operations

The exact extent of the attacks is not currently known. What is known is that the text messages were sent from phone numbers registered in Malaysia and Thailand, as well as email addresses using Apple's iMessage service. In an effort to stay hidden, phishing links are geofenced, meaning the pages can only be accessed from IP addresses based in the UAE. Threat actors have been observed registering new phishing domains every day to expand their reach.

Prevention and recent developments in the world of phishing

To avoid falling victim to such scams, you are advised to be careful when clicking on links and attachments, keep your software up-to-date, and ensure you have good digital hygiene practices. This development follows another mail-themed phishing campaign called "Operation Red Deer" that was discovered targeting various Israeli organizations by distributing a remote access trojan called AsyncRAT. The attacks were attributed to a threat actor named Aggah.

Follow us on WhatsApp for more pills like this

06/06/2023 08:32

Editorial AI

Last pills

Serious vulnerability discovered in Rabbit R1: all user data at riskVulnerability in Rabbit R1 exposes sensitive API keys. What are the privacy risks?

Cyber attack in Indonesia: the new Brain Cipher ransomware brings services to their kneesNew ransomware hits Indonesia: learn how Brain Cipher crippled essential services and the techniques used by hackers

Patelco Credit Union: security incident halts customer services in CaliforniaService disruption and customer frustration: Patelco Credit Union works to resolve security incident

Cyber attack on TeamViewer: immediate response and investigations underwayStrengthened security measures and international collaborations to counter the cyber threat