Individuals who recently updated their residence visas across the United Arab Emirates have been targeted Chinese-speaking threat group Smishing Triad in a new smishing attack campaign that involved the impersonation of the country's Federal Authority for Identity and Citizenship facilitate malicious data gathering activities, reports The Hacker News.
Malicious messages sent by Smishing Triad through SMS or iMessage included shortened links, which when clicked would redirect to a UAE Federal Authority for Identity, Citizenship, Customs & Port Security-spoofing website, a report from Resecurity showed. Targets are then asked by the site to input their names, mobile numbers, addresses, card details, and passport numbers although the form will only be loaded from devices using UAE-based IP addresses, according to the report. "The perpetrators of this act may have access to a private channel where they obtained information about UAE residents and foreigners living in or visiting the country. This could be achieved through third-party data breaches, business email compromises, databases purchased on the dark web, or other sources," said researchers.
