"Smishing Triad Targets UAE Residents in Identity Theft Campaign"

Security researchers at Resecurity have recently observed a new fraudulent campaign orchestrated by the Smishing Triad gang and, impersonating the United Arab Emirates Federal Authority for Identity and Citizenship.  The researchers noted that the group is operating through malicious SMS messages that claim to be from the General Directorate of Residency and Foreign Affairs.  The campaign specifically targets UAE residents and foreigners in the country.  The security researchers who discovered the threat promptly notified UAE law enforcement agencies and cybersecurity entities to mitigate potential risks associated with identity theft.  The Smishing Triad gang, previously known for posing as US, UK, and EU postal providers, has shifted its tactics to focus on UAE residents.  The group utilizes malicious links sent via SMS or iMessage to victims’ mobile devices, concealing them through URL-shortening services like Bit.ly.  The researchers stated that the phishing messages, observed on both Apple iOS and Google Android devices, lack sender information, possibly utilizing Caller ID or underground SMS spoofing services.  The researchers noted that notably, victims reported receiving such messages after updating their residence visas, suggesting potential access to private channels through third-party data breaches, business email compromises (BEC), or dark web databases. 

 

Infosecurity reports: "Smishing Triad Targets UAE Residents in Identity Theft Campaign"

Submitted by Adam Ekwall on