A new wave of fraudulent activity committed by the renowned Smishing Triad gang has been discovered by security researchers. This criminal group has moved its focus to the United Arab Emirates (UAE). Previously, it was well-known for impersonating postal providers in the US, UK, and EU. The group targets foreigners living in the UAE as well as locals by using fraudulent SMS messages that pretend to be the General Directorate of Residency and Foreigners Affairs.

The danger was promptly detected and reported by the Resecurity team, which prompted law enforcement and cybersecurity organisations in the UAE to take immediate action. The timing of this campaign's revelation and the spike in fraudulent activity over the holidays highlights the urgent need for mitigating measures to stop identity theft.

Smishing Triad at Work

The Smishing Triad gang sends harmful links to victims' mobile devices over SMS or iMessage. The gang uses URL-shortening services like Bit.ly to hide these linkages. The sender of the phishing messages, which were seen on Google Android and Apple iOS devices, is unknown which may possibly be using Caller ID or underground SMS spoofing services.

After changing their residency visas, victims have reported getting similar messages which indicatepossible access to private channels via dark web databases, business email compromises (BEC), or third-party data breaches.

Victims are taken to a fake website that imitate the UAE General Directorate of Residency and Foreigners Affairs website when they click on the malicious links. Credit card numbers and private information are secretly taken from users of this fake website. In order to make timely analysis more difficult, the attackers encrypt HTTP answers with RSA, and a Chinese organisationis in charge of important domain names that are used in fraudulent operations. Additionally, geolocation filtering is used, limiting the phishing form's appearance to mobile devices and IP addresses in the United Arab Emirates.

Preventive Actions

Resecurity recommends raising cybersecurity awareness and putting identity protection plans in place to combat these ever-evolving attacks. The advisory highlights the need to stay on guard, saying, "Because the Smishing Triad gang is actively targeting the Emirates using multiple schemes, cybersecurity agencies and UAE citizens must remain vigilant. Fraud awareness campaigns, identity protection, and educational programs are essential first lines of defense against these rapidly evolving threats."

In order to reduce the risks connected with identity theft, law enforcement authorities, cybersecurity experts, and the general public must work together as the Smishing Triad gang modifies its tactics to target the United Arab Emirates. Individuals can strengthen its defenses against the growing risk posed by advanced cybercriminal organisations like the Smishing Triad gang by remaining informed, putting preventative measures in place, and raising awareness.