Smishing Triad Targets India with Fraud Surge

by admin 0 Comments

Security
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

A recent surge in fraudulent smishing attacks impersonating India Post, the government-operated postal system, has prompted warnings from Indian authorities and cybersecurity experts. 

The Press Information Bureau (PIB) issued alerts in June urging vigilance against suspicious messages falsely claiming to be from India Post, part of India’s Ministry of Communications.

This tactic, known as smishing, involves sending deceptive SMS messages to trick users into divulging personal information or clicking on malicious links.

Cybersecurity firm Resecurity has now identified the perpetrators behind some of these campaigns as the Smishing Triad, a group known for sophisticated cyber fraud operations in multiple countries, including the US, UK, UAE and now India.

The Smishing Triad’s modus operandi involves registering fraudulent domain names that mimic legitimate organizations like India Post. By creating convincing but fake websites, they lure victims into disclosing sensitive information under false pretenses of updating delivery details. This information can be exploited for various malicious purposes, including financial fraud and identity theft.

According to Resecurity, the Smishing Triad recently intensified its operations in India, registering multiple deceptive domains such as inddiapost[.]top and indiapostyt[.]vip. These domains, identified across several hosting platforms, including Cloudflare and Tencent, aim to deceive users seeking legitimate postal services.

Resecurity warned that such attacks have significant implications not only for individual victims but also for national cybersecurity. Cyber espionage and data theft facilitated by large-scale smishing operations could potentially serve the interests of both cybercriminals and nation-state actors seeking to collect vast amounts of personal data.

To counter these threats, the company recommend avoiding clicking on suspicious links, verifying the authenticity of messages and promptly reporting any suspected fraud to law enforcement or cybersecurity agencies.

“In case you are skeptical of any emails, messages and calls, report it to authorities like PIB Fact Check or cyber police,” the company said. “Smartphone users also need to make sure that their devices are updated with the latest software.”

Read more on the Smishing Triad: China-Based Fraud Network Exposed

This article was originally published by Infosecurity-magazine.com. Read the original article here.
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Products You May Like

Articles You May Like

Spyware Vendors’ Nebulous Ecosystem Helps Them Evade Sanctions
Secrets Exposed: Why Your CISO Should Worry About Slack
Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack
Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress
The key considerations for cyber insurance: A pragmatic approach

Leave a Reply

Your email address will not be published. Required fields are marked *