Smishing Triad Is Targeting Pakistan To Defraud Banking Customers At Scale

June 12, 2024, 11:03 a.m.

Description

Resecurity has identified a new activity of a cybercrime group known as Smishing Triad, which has expanded its operations to Pakistan. The group is employing tactics involving sending malicious messages impersonating Pakistan Post to customers of mobile carriers via iMessage and SMS, with the goal of stealing their personal and financial information. The code and templates used by the attackers are consistent with previous instances of Smishing Triad activity targeting online banking, e-commerce, and payment systems customers in other regions.

External References

https://www.resecurity.com/blog/article/smishing-triad-is-targeting-pakistan-to-defraud-banking-customers-at-scale
https://otx.alienvault.com/pulse/666979f255c1f075e1e6ab38
Tags
impersonation
pakistan
fraud
2024-06-12
smishing

Date

  • Created: June 12, 2024, 10:35 a.m.
  • Published: June 12, 2024, 10:35 a.m.
  • Modified: June 12, 2024, 11:03 a.m.

Indicators

  • http://ytfrt.top/id
  • http://pakpotech.top/id
  • http://pak-post.com/id
  • http://linkr.it/4bStpB
  • http://l.ead.me/bf6fB8
  • http://l.ead.me/BjsT
  • http://2h.ae/nwxP
  • http://2h.ae/cNRd
  • pk-post-goi.xyz
  • ep-gov-ppk.icu
  • ep-gov-ppk.cyou
  • ep-gov-pkw.cfd
  • correosytelegrafos-civ.icu
  • correos-es.cn

Attack Patterns

  • Smishing Triad

Additional Informations

  • Pakistan