- A new large-scale smishing campaign has targeted U.S. citizens through compromised iMessage accounts.
- China-based malicious actors are impersonating services such as the Royal Mail and USPS to steal personal information for fraud and identity theft.
Cybersecurity firm Resecurity has revealed that a China-based cybercriminal group called the Smishing Triad has been targeting residents across the U.S. using iMessage to run fraud and identity theft operations.
According to the report, the malicious actors are using compromised iCloud accounts to run a text-based scam that impersonates organizations such as the USPS or the Royal Mail to obtain personally identifying information (PII) under the pretext of tracking packages for users. Other impersonated organizations include Correos, New Zealand Post, Postnord, J&T Express, Poste Italiane, and the Italian Revenue Service.
Essentially, the iCloud accounts are used to send alerts about failed package deliveries, asking the recipients to open links to reschedule the delivery. Recipients are then urged to fill in their credit card information in a fake form. The attacks combine social engineering tactics with phishing kits to improve their chances of success.
According to Resecurity, the group is running a fraud-as-a-service business offering smishing kits via the Telegram app for malicious actors targeting several countries worldwide, including Japan, the U.S., the U.K., Malaysia, Sweden, and more.
These kits use a SQL injection vulnerability that, according to Resecurity, has been used to monitor system activity and extract over 100,000 records from the group’s clients. The Smishing Triad was previously known to use online shopping platforms to extract customer data by injecting malicious code.
Driven by the spike in fraudulent activities during the summer, USPS has already warned about the rising risk of package-tracking text scams sent through SMS or iMessage. Security software, sender verification, and avoiding links are recommended to mitigate the attacks.