Smishing Triad Targets UAE Residents in Identity Theft Campaign

Security researchers have observed a new fraudulent campaign orchestrated by the Smishing Triad gang and impersonating the United Arab Emirates Federal Authority for Identity and Citizenship.
Operating through malicious SMS messages that claim to be from the General Directorate of Residency and Foreigners Affairs, the campaign specifically targets UAE residents and foreigners in the country.
The Resecurity team discovered the threat and promptly notified UAE law enforcement agencies and cybersecurity entities to mitigate potential risks associated with identity theft.
According to an advisory published by the company on Monday, the discovery coincided with an uptick in fraudulent activities during the holiday season.
The Smishing Triad gang, previously known for posing as US, UK and EU postal providers, has shifted its tactics to focus on UAE residents.
The group utilizes malicious links sent via SMS or iMessage to victims' mobile devices, concealing them through URL-shortening services like Bit.ly.
The phishing messages, observed on both Apple iOS and Google Android devices, lack sender information, possibly utilizing Caller ID or underground SMS spoofing services.
Notably, victims reported receiving such messages after updating their residence visas, suggesting potential access to private channels through third-party data breaches, business email compromises or dark web databases.
Upon clicking the link, victims are redirected to a fake webpage resembling the UAE General Directorate of Residency and Foreigners Affairs website, where personal information and credit card details are stolen.
The attackers used RSA encryption in HTTP responses to complicate timely analysis.
According to Resecurity, a China-based organization controls critical domain names employed in fraudulent campaigns.
The attackers use geolocation filtering, allowing the phishing form to appear only for UAE IP addresses and mobile devices.
To protect against these evolving threats, Resecurity recommended heightened cybersecurity awareness and the implementation of identity protection programs.


This Cyber News was published on www.infosecurity-magazine.com. Publication date: Tue, 19 Dec 2023 16:30:13 +0000


Cyber News related to Smishing Triad Targets UAE Residents in Identity Theft Campaign

Smishing Triad Targets UAE Residents in Identity Theft Campaign - Security researchers have observed a new fraudulent campaign orchestrated by the Smishing Triad gang and impersonating the United Arab Emirates Federal Authority for Identity and Citizenship. Operating through malicious SMS messages that claim to be ...
10 months ago Infosecurity-magazine.com
31 Alarming Identity Theft Statistics for 2024 - Identity theft is a prevalent issue that affects millions of people annually. Although the numbers are startling, we've selected the 31 most concerning identity theft statistics to help you understand how to secure your identity. In 2022, the FTC ...
9 months ago Pandasecurity.com
Cybercriminals target UAE residents, visitors in new info-stealing campaign - A group of hackers in recent months has attempted to steal personal and financial information from residents and visitors of the United Arab Emirates in a new text-based phishing campaign, according to new research. The cybercriminals - called the ...
10 months ago Therecord.media
The Latest Identity Theft Methods: Essential Protection Strategies Revealed - Identity theft has evolved far beyond the days of stolen mail and dumpster diving. Today's identity thieves employ sophisticated techniques, including account takeovers and government benefit fraud, making it essential for you to stay vigilant to ...
9 months ago Hackread.com
Unmasking Identity Theft: Detection and Mitigation Strategies - In an increasingly digital world, the threat of identity theft looms large, making it imperative for individuals to be proactive in detecting potential breaches and implementing effective mitigation measures. This article delves into key strategies ...
10 months ago Cybersecurity-insiders.com
UAE Cybersecurity Official Warns of VPN Abuse - The top cyber official in the United Arab Emirates worries that virtual private networks are being misused in the country. UAE residents increased their downloads of VPN apps by 1.83 million in 2023, reaching a total of 6.1 million, according to the ...
9 months ago Darkreading.com
Taking the complexity out of identity solutions for hybrid environments: Identity Fabric and orchestration - For the past two decades, businesses have been making significant investments to consolidate their identity and access management platforms and directories to manage user identities in one place. Instead, businesses must learn how to consistently and ...
11 months ago Securityintelligence.com
SMS Phishing Messages Targets UAE Citizens, Visitors - A malicious SMS campaign that harvests personal information and credit card details is targeting citizens and visitors to the United Arab Emirates. The text-based campaign, run by the so-called Smishing Triad Gang, impersonates the United Arab ...
10 months ago Darkreading.com
Identity as a Service - Let us introduce Identity as a Service, a revolutionary identity management strategy that aims to improve security, simplify user interfaces, and enable frictionless access to online resources. Organizations can use IDaaS platforms to access identity ...
10 months ago Feeds.dzone.com
How Strata Identity and Microsoft Entra ID solve identity challenges in mergers and acquisitions - In particular, there is an immediate and profound impact on the identity and access management postures of both companies. While most combined organizations aspire to eventually consolidate their identity systems, this is a challenging and ...
10 months ago Microsoft.com
UAE Banks on AI to Boost Cybersecurity - For the United Arab Emirates, an aggressive push for a more digitized economy attracted plenty of interest and subsequent investment - but also made it a prime candidate for relentless cyberattacks. With nearly 50,000 cyberattacks reportedly thwarted ...
10 months ago Darkreading.com
Remote encryption increasingly adopted by ransomware operations - UAE authority spoofed in new Smishing Triad attacks SC StaffDecember 21, 2023. Individuals who recently updated their residence visas across the United Arab Emirates have been targeted Chinese-speaking threat group Smishing Triad in a new smishing ...
10 months ago Scmagazine.com
1Kosmos Unifies Identity Verification User Journeys Across Web and Mobile Platforms - PRESS RELEASE. EAST BRUNSWICK, N.J., Nov. 29, 2023 - 1Kosmos, the company that unifies identity proofing and passwordless authentication, today announced the 1Kosmos BlockID platform now enables organizations to seamlessly extend web-based identity ...
11 months ago Darkreading.com
What is Azure Identity Protection and 7 Steps to a Seamless Setup - As a result, tools such as Microsoft's Azure Identity Protection have become a staple in protecting against compromised identities, account takeover, and misuse of privileges. Azure Identity Protection is a security service that provides a robust ...
5 months ago Securityboulevard.com
Unseen Threats: Identity Blind Spots and Misconfigurations in Cybersecurity - It's rather obvious to most in the IT sector that cybercriminals consistently and successfully exploit stolen or weak online identities to gain unauthorized access to businesses of all types. It's these identities in an enterprise that are clearly ...
8 months ago Cybersecurity-insiders.com
What is identity management? Definition from SearchSecurity - Identity management is the organizational process for ensuring individuals have the appropriate access to technology resources. Identity management is an essential component of security. Identity management includes authenticating users and ...
6 months ago Techtarget.com
Smishing: SMS Phishing Attacks And How to Thwart Them - Smishing is a fast growing version of one of the most established and lucrative scams on the internet. Smishing, like other forms of phishing, aims to trick you into revealing sensitive data and information; however, instead of email, cybercriminals ...
10 months ago Cysecurity.news
SailPoint unveils two sets of new offerings to help companies grow their identity security program - SailPoint unveiled two sets of new offerings designed to give customers options as they build their identity program, while driving customer success throughout their identity journey. First, the company is extending the family of SailPoint Identity ...
9 months ago Helpnetsecurity.com
The Role of Identity Data Management in Achieving CISA'S Strategic Goals - At the heart of this growing risk is identity, with over 60% of all breaches today involving identity exploitation. As organizations continue to expand their digital footprints, driven by a move towards cloud resources and remote systems, their ...
6 months ago Cyberdefensemagazine.com
Reducing credential complexity with identity federation - Help Net Security - Organizations also need to ensure compatibility between different platforms and protocols, and effectively merge user identities across multiple IdPs to avoid security gaps or identity conflicts. From a security perspective, federated authentication ...
1 month ago Helpnetsecurity.com
Graduation to Adulting: Navigating Identity Protection and Beyond! - There's one first you might not have considered: your first identity protection plan. Imagine this: you're building your credit score, applying for a credit card, or renting your first apartment. These milestones are crucial, but they also make you a ...
5 months ago Webroot.com
CVE-2008-7092 - Multiple cross-site scripting (XSS) vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to inject arbitrary web script or HTML via a Javascript event in the (1) url, (2) PageName, and (3) title parameters in a ...
7 years ago
The 11 Best Identity and Access Management Tools - Demand for Identity and Access Management tools is booming. Today, there are dozens of Identity and Access Management tools on the market. Identity and Access Management solutions share many things in common with other cybersecurity technologies. ...
8 months ago Heimdalsecurity.com
9 tips to protect your family against identity theft and credit and bank fraud - With access to your personal information, bad actors can drain your bank account and damage your credit-or worse. By taking the right steps, you and your loved ones can enjoy the peace of mind that comes from identity protection. Check out the nine ...
8 months ago Webroot.com
​​Strengthening identity protection in the face of highly sophisticated attacks​​ - We continuously work to improve the built-in security of our products and platforms. It's a multi-year commitment to advance the way we design, build, test, and operate our technology to ensure we deliver solutions that meet the highest possible ...
10 months ago Techcommunity.microsoft.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)