A new cyber threat has emerged in India as cybersecurity firm Resecurity identifies a major campaign by the Smishing Triad aimed at stealing personal and payment data. The campaign, which began gaining traction around July 8, 2024, has specifically targeted India Post (Department of Posts, India), utilizing recently established infrastructure to amplify its reach. With India’s vast population exceeding 1.417 billion and a rapidly expanding smartphone user base projected to hit 1 billion by 2023, the country presents a lucrative target for such malicious activities.
The Smishing Triad reportedly registered domain names mimicking India Post as early as June, strategically preparing for a large-scale operation that has now intensified. The primary objective of this campaign is to harvest extensive amounts of personally identifiable information (PII) and payment data from unsuspecting individuals. Similar operations by the Smishing Triad have previously targeted countries including the U.S., U.K., EU, UAE, KSA, and most recently Pakistan, underscoring the group’s global reach and capabilities.
Authorities in India have been proactive in warning the public about the increasing threat of smishing, urging citizens to remain vigilant against fraudulent messages purporting to be from legitimate institutions like India Post. Such messages often lure recipients into disclosing sensitive information or clicking on malicious links, facilitating data theft and potential financial fraud. This heightened alert comes amidst rising concerns that aggregated digital identity data could be exploited not only by cybercriminals but also by nation-state actors for espionage purposes.
Cybersecurity experts caution that the Smishing Triad’s activities are sophisticated, involving the use of smishing kits to extract credit card information and deploying malicious code aimed at critical sectors such as energy. Additionally, the group has been known to impersonate major Fortune 100 brands in targeted phishing attacks, highlighting the diverse and evolving nature of their tactics. As the campaign in India unfolds, stakeholders emphasize the importance of robust cybersecurity measures, timely threat intelligence sharing, and public awareness to mitigate the risks posed by such cyber threats.