Phishing Attack Hits Indian Mobile Users via India Post Scams

Indian iPhone users are inundated with SMS phishing scams posing as India Post delivery notifications, aimed at stealing credentials for future scams.

Fraudsters Pose as India Post in SMS Phishing Scam

Smishing attacks targeting Indian iPhones are flooding phones with fake delivery notifications from India Post. These messages claim issues with ‘incomplete address information,’ prompting users to follow a link, provide details, and pay a service fee.

The linked site and message have no connection to India Post; instead, attackers use iMessage and a fake iCloud account to deceive victims.

Fortinet’s research lists over a hundred domains used in this phishing campaign, highlighting its massive scale. With so many domains, it’s clear that thousands of victims are targeted before any domain is taken down.

The scam focuses on collecting users’ input from login forms on fake websites. Despite using different domain names, these sites are identical in design and mimic the original India Post page convincingly.

Users are tricked into entering personal information such as name, address, ZIP code, email, and phone number. They are also asked to pay a small fee to “finalize the delivery.” This payment request often leads to stolen banking details, turning what seems like a minor charge into a significant theft.
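
Because the sites share one design across many domains, defenders can group them by page template rather than by domain name. The following is an added example, not code from Fortinet's research or from this article: it fingerprints a page by its tag structure and form fields (ignoring text and URLs) and clusters domains that serve the same template. The domains and HTML are constructed placeholders, and all function names are hypothetical.

```python
import hashlib
from collections import defaultdict
from html.parser import HTMLParser


class _Skeleton(HTMLParser):
    """Records tag order and form field names; visible text and URLs are ignored."""

    def __init__(self):
        super().__init__()
        self.tokens = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag in ("input", "select", "textarea"):
            # Field type and name survive re-hosting of the same kit on a new domain.
            self.tokens.append(f"{tag}:{a.get('type', '')}:{a.get('name', '')}")
        else:
            self.tokens.append(tag)


def fingerprint(html):
    """Return a short hash of the page's structural skeleton."""
    parser = _Skeleton()
    parser.feed(html)
    parser.close()
    return hashlib.sha256("|".join(parser.tokens).encode()).hexdigest()[:16]


def cluster(pages):
    """Map {domain: html} to lists of domains that share one template."""
    groups = defaultdict(list)
    for domain, html in pages.items():
        groups[fingerprint(html)].append(domain)
    return [sorted(d) for d in groups.values() if len(d) > 1]


def _kit(action, title):
    # Constructed sample: same form fields the article lists, different text and URLs.
    return (f"<html><head><title>{title}</title></head><body>"
            f"<form action='{action}' method='post'>"
            "<input type='text' name='name'><input type='text' name='address'>"
            "<input type='text' name='zip'><input type='email' name='email'>"
            "<input type='tel' name='phone'><button>Submit</button></form></body></html>")


SAMPLE_PAGES = {  # constructed placeholder domains, not real indicators
    "post-a.example": _kit("/s1", "Delivery update"),
    "post-b.example": _kit("https://post-b.example/x", "Parcel on hold"),
    "shop.example": "<html><body><h1>Shop</h1><form><input type='search' name='q'></form></body></html>",
}
```

Calling `cluster(SAMPLE_PAGES)` groups the two look-alike pages and leaves the unrelated one out, so a single confirmed phishing page can be used to flag newly registered domains serving the same template.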

The research indicates that this fraud is likely another operation by the Smishing Triad, a China-based group known for SMS phishing. Previously targeting Pakistan, UAE, and the US, their focus on India is not surprising given its large, vulnerable population. The Smishing Triad’s schemes often involve not just identity theft but also credit card data, which is either sold on the Darknet or used for cyber espionage, reflecting their connections to the CCP.

To protect against smishing:

  1. Verify Messages: Always verify unexpected or suspicious messages by contacting the organization directly through official channels before clicking any links or providing personal information.
  2. Avoid Clicking Links: Do not click on links or download attachments from unknown or unexpected messages.
  3. Use Security Software: Keep your mobile device protected with up-to-date security software that can detect and block phishing attempts.
  4. Enable Two-Factor Authentication: Use two-factor authentication (2FA) for your online accounts to add an extra layer of security.
  5. Educate Yourself: Be aware of common smishing tactics and stay informed about new scams to recognize them quickly.
  6. Report Suspicious Messages: Report any suspected smishing attempts to your mobile carrier and the relevant authorities to help combat these threats.
  7. Regularly Monitor Accounts: Regularly check your bank and credit card statements for any unauthorized transactions.
  8. Use Official Apps: Download and use apps only from official app stores and ensure they are from trusted sources.
  9. Update Your Device: Keep your mobile device’s operating system and apps updated to protect against known vulnerabilities.

About the Author:

FirstHackersNews- Identifies Security