CyberSecurityBoard
Sponsor Register Login

SMS Phishing Messages Targets UAE Citizens, Visitors

A malicious SMS campaign that harvests personal information and credit card details is targeting citizens and visitors to the United Arab Emirates.
The text-based campaign, run by the so-called Smishing Triad Gang, impersonates the United Arab Emirates Federal Authority for Identity and Citizenship, and claims to be on behalf of the General Directorate of Residency and Foreigners Affairs.
The location of the Smishing Triad gang is unclear, but the fraudulent domains where details are collected are often registered in China.
To protect against detection, the attackers used geolocation filtering to ensure the phishing form will only appear when visited from UAE IP addresses and mobile devices.
Resecurity researchers believe the attackers may have access to a private channel where they obtained information about UAE residents and foreigners living in, or visiting, the country.
The gang could have obtained it via third-party data breaches, business email compromises, or databases purchased on the Dark Web.


This Cyber News was published on www.darkreading.com. Publication date: Thu, 21 Dec 2023 15:20:20 +0000


Cyber News related to SMS Phishing Messages Targets UAE Citizens, Visitors

Spear Phishing vs Phishing: What Are The Main Differences? - Almost half of them used phishing to obtain the passwords of users. Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. It's important to be able to spot phishing in general. For ...
1 year ago Techrepublic.com
Cybercriminals target UAE residents, visitors in new info-stealing campaign - A group of hackers in recent months has attempted to steal personal and financial information from residents and visitors of the United Arab Emirates in a new text-based phishing campaign, according to new research. The cybercriminals - called the ...
1 year ago Therecord.media
Smishing Triad Targets UAE Residents in Identity Theft Campaign - Security researchers have observed a new fraudulent campaign orchestrated by the Smishing Triad gang and impersonating the United Arab Emirates Federal Authority for Identity and Citizenship. Operating through malicious SMS messages that claim to be ...
1 year ago Infosecurity-magazine.com
UAE Cybersecurity Official Warns of VPN Abuse - The top cyber official in the United Arab Emirates worries that virtual private networks are being misused in the country. UAE residents increased their downloads of VPN apps by 1.83 million in 2023, reaching a total of 6.1 million, according to the ...
1 year ago Darkreading.com
UAE Banks on AI to Boost Cybersecurity - For the United Arab Emirates, an aggressive push for a more digitized economy attracted plenty of interest and subsequent investment - but also made it a prime candidate for relentless cyberattacks. With nearly 50,000 cyberattacks reportedly thwarted ...
1 year ago Darkreading.com
SMS Phishing Messages Targets UAE Citizens, Visitors - A malicious SMS campaign that harvests personal information and credit card details is targeting citizens and visitors to the United Arab Emirates. The text-based campaign, run by the so-called Smishing Triad Gang, impersonates the United Arab ...
1 year ago Darkreading.com
What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
2 years ago Trendmicro.com
Flipping the BEC funnel: Phishing in the age of GenAI - For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic email and fire it out to thousands of recipients in the hope that a few might take the bait. Common among these new techniques was a shift towards ...
1 year ago Helpnetsecurity.com
Payoneer accounts in Argentina hacked in 2FA bypass attacks - Numerous Payoneer users in Argentina report waking up to find that their 2FA-protected accounts were hacked and funds stolen after receiving SMS OTP codes while they were sleeping. Payoneer is a financial services platform providing online money ...
1 year ago Bleepingcomputer.com
Combat Phishing Attacks With AI-Powered Threat Protection - According to statistics, 81% of organizations have seen an increase in phishing emails since 2020, with an estimated 3.4 billion emails sent every day. AI-generated phishing emails are a sophisticated and evolving cybersecurity threat. ...
1 year ago Gbhackers.com
Phishing kits now vet victims in real-time before stealing credentials - Even if they were allowed to use the real target's address, the analysts comment that some campaigns go a step further, sending a validation code or link to the victim's inbox after they enter a valid email on the phishing page. However, with this ...
2 weeks ago Bleepingcomputer.com
Spotting Phishing Attacks with Image Verification Techniques - Phishing refers to the tactic used by scammers who impersonate reputable brands and lure victims to click on suspicious links so that they can breach the privacy and sensitive data of individuals. You can call image-based phishing a relatively ...
1 week ago Cybersecuritynews.com
Beware of Fake Unpaid Toll Message Attack to Steal Login Credentials - Security analysts note that these toll scam campaigns achieve approximately 5% success rates – substantially higher than traditional email phishing attacks – demonstrating the effectiveness of this multi-stage approach that combines SMS messaging ...
2 weeks ago Cybersecuritynews.com
What Apple's Promise to Support RCS Means for Text Messaging - RCS will thankfully bring a number of long-missing features to those green bubble conversations in Messages, but Apple's proposed implementation has a murkier future when it comes to security. The RCS standard will replace SMS, the protocol behind ...
1 year ago Eff.org
The Future of Phishing Email Training for Employees in Cybersecurity - One common method they use is through phishing emails. To counter this changing threat, companies must give importance to providing phishing email training for employees on identifying and responding properly to phishing attempts. Standard training ...
11 months ago Hackread.com
AI-Powered Phishing Detection - Does It Actually Work? - Unlike traditional methods that rely on identifying known threats, AI-powered systems analyze patterns and behaviors to detect anomalies indicative of phishing attempts. The rise of artificial intelligence (AI) has brought new hope to combating these ...
1 week ago Cybersecuritynews.com
Ransomware Attacks Strike South Africa, Decline in UAE - Cybercrime - and especially ransomware - traditionally have had an uneven impact across the Middle East and Africa, yet recent data suggests that ongoing geopolitical conflicts will likely raise the overall level of cyberattacks across the regions. ...
1 year ago Darkreading.com Molerats LockBit
Phishing Campaign Exploits Open Redirection Vulnerability In 'Indeed.com' - Phishing remains one of the most prevalent challenges facing organisations, with more than three billion malicious emails estimated to be sent around the world every day. Owing to the prevalence of the problem, Verizon's 2023 Data Breach ...
1 year ago Cyberdefensemagazine.com
USPS Delivery Phishing Scam Exploits SaaS Providers to Steal Data - A new USPS Delivery Phishing Scam has surfaced, in which scammers are exploiting Freemium Dynamic DNS and SaaS Providers to steal victims' login credentials and other data. Cybersecurity researchers at Bloster AI have uncovered a new USPS Delivery ...
1 year ago Hackread.com
Vade Releases 2023 Phishers' Favorites Report - PRESS RELEASE. SAN FRANCISCO, Feb. 15, 2024 /PRNewswire/ - Vade, a global leader in threat detection and response with more than 1.4 billion mailboxes protected, today announced its annual Phishers' Favorites report for 2023. Phishers' Favorites ...
1 year ago Darkreading.com
UAE, Saudi Arabia Become Plum Cyberattack Targets - Hacktivism-related DDoS attacks have risen 70% in the region, most often targeting the public sector, while stolen data and access offers dominate the Dark Web. With the UAE and Saudi Arabia increasingly invested in digitization, AI development, and ...
6 months ago Darkreading.com
New Gorilla Android Malware Intercept SMS Messages to Steal OTPs - The malware’s C2 panel reveals a sophisticated operation, with stolen SMS messages methodically organized under tags such as “Banks” and “Yandex,” suggesting a targeted approach toward financial information and popular ...
4 days ago Cybersecuritynews.com
New phishing attack steals your Instagram backup codes to bypass 2FA - A new phishing campaign pretending to be a 'copyright infringement' email attempts to steal the backup codes of Instagram users, allowing hackers to bypass the two-factor authentication configured on the account. Two-factor authentication is a ...
1 year ago Bleepingcomputer.com
Why Phishing Remains the #1 Cyber Threat and How to Stop It - Unlike many cyber threats that rely solely on technical vulnerabilities, phishing exploits natural human tendencies such as trust, urgency, and curiosity. Additionally, adopting zero-trust security frameworks, which require continuous verification of ...
1 week ago Cybersecuritynews.com
CVE-2017-17780 - The Clockwork SMS clockwork-test-message.php component has XSS via a crafted "to" parameter in a clockwork-test-message request to wp-admin/admin.php. This component code is found in the following WordPress plugins: Clockwork Free and Paid ...
4 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)