Pakistan has become the latest target of the Smishing Triad, a group previously active in the E.U., Saudi Arabia, the U.A.E., and the U.S. The group has adopted a fresh approach, sending mobile users deceptive messages that purport to come from ‘Pakistan Post’. The aim is to trick recipients into divulging personal and financial details, as highlighted in a report by Resecurity.
These cybercriminals send fake SMS and iMessage alerts, claiming failed package deliveries. Unsuspecting users who click the provided links are directed to counterfeit websites requesting financial details under the guise of a re-delivery fee.
The Smishing Triad, believed to be Chinese-speaking, uses stolen databases obtained from the dark web. Besides Pakistan Post, the group has been linked to scams mimicking services like TCS, Leopard, and FedEx.
Concurrently, Google’s threat analysis revealed that Brazil is being heavily targeted by the Grandoreiro banking trojan, which is distributed by a group called FLUXROOT. The trojan targets financial information and is often hosted on cloud services like Azure and Dropbox. FLUXROOT’s phishing schemes impersonate Mercado Pago, aiming to steal user credentials.
Additionally, Google identified another Brazilian threat actor, PINEAPPLE, using tax-themed spam to distribute the Astaroth malware. A third actor, UNC5176, targets the financial and healthcare sectors with a backdoor named URSA, employing sophisticated techniques to steal login credentials.
As cyber threats expand globally, these incidents highlight the need for heightened vigilance and robust cybersecurity measures to protect personal and financial data from increasingly sophisticated attacks.