Los Cybercinkers They use phone farms iPhone To launch massive ‘Smishing’ campaigns through Imessage, taking advantage of the protections of this messaging application to avoid filters of telephone operators.
Scams through text messages (known as ‘Smishing’) reinvent each time, mainly to improve and refine the messages with which they try to deceive their victims (supposed payments of rates or fines, packaging of packages, etc.) and to avoid being detected by safety measures, which are also improved over time.
To avoid being discovered, cybercounts are using the ‘Messenger Apple, Imessage, which is encrypted and prevents the content of communication can be seen, as the Catalyst security firm has identified.
Specifically, Chinese -speaking actors are using Imessage and Google enriched communication services to distribute Lucid, a phishing platform as a service that offers scalability and the ability to execute great campaigns to steal bank data and commit economic fraud.
Its activity has been directed against 169 entities from 88 countries, although ‘Smishing’ campaigns focus mainly on Europe, the United Kingdom and the United States, and are very personalized, to “amplify their scope and effectiveness.”
These campaigns are launched from mobile device farms, also from iPhon, which “are used simultaneously to send messages and collect credit card data, all controlled from a centralized system.”
And are promoted in Telegram channels. As detailed by Catalyst researchers, cybercriminals announce that they can send more than 100,000 fraudulent messages a day; A capacity that not only uses the lucid responsible group, but also sell to others.