{"id":9502,"date":"2023-10-30T18:46:07","date_gmt":"2023-10-30T13:16:07","guid":{"rendered":"https:\/\/threatcop.com\/blog\/?p=9502"},"modified":"2024-08-13T12:56:50","modified_gmt":"2024-08-13T07:26:50","slug":"postalfurious-smishing-campaign-in-uae","status":"publish","type":"post","link":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/","title":{"rendered":"PostalFurious Strikes in UAE: Anatomy of a Smishing Campaign"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000\"><span style=\"font-weight: 400\">The whole world was highly affected by the pandemic, and one of the key elements that evolved during that time was digitization. As the world was forced to stay indoors, its dependence on technology increased exponentially. The increase in online shopping during the pandemic gave cybercriminals a perfect chance to come up with new ways to target and deceive people on the internet. In fact, the <span style=\"color: #183994\"><a style=\"color: #183994\" href=\"https:\/\/economictimes.indiatimes.com\/tech\/technology\/cyberattacks-surge-amid-accelerating-pace-of-covid-driven-digitalisation-wef-study\/articleshow\/88971332.cms\"><b>Economic Times<\/b><\/a><\/span> reported that amidst the rising number of digital devices, there has been an increase in cyber attacks by 151%.<\/span><\/span><\/p><div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 ez-toc-wrap-center counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #414141;color:#414141\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #414141;color:#414141\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#Tactics_Behind_the_Sophisticated_Smishing_Campaign\" >Tactics Behind the Sophisticated Smishing Campaign<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#Book_a_Free_Demo_Call_with_Our_People_Security_Expert\" >Book a Free Demo Call with Our People Security Expert<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#Enter_your_details\" >Enter your details<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#Here_is_the_Breakdown_of_the_Smishing_Attack_in_the_UAE\" >Here is the Breakdown of the Smishing Attack in the UAE<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#People_Security_Management_Can_Help_Your_Organization\" >People Security Management Can Help Your Organization<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#FAQs_PostalFurious_Strikes_in_UAE\" >FAQs: PostalFurious Strikes in UAE<\/a><\/li><\/ul><\/nav><\/div>\n\n\n\n<style type=\"text\/css\">\n      @media print, screen and (max-width: 63.99875em){\n      .tnp-submit\n      width: 48%;\n      }\n      .wp-block-tnp-minimal{\n      padding: 20px;\n      }\n      .blog_para\n      margin-top: 4px !important;\n      line-height: 25px !important;\n      font-size: 15px !important;\n      }\n\n      }\n      .blog_para{\n      font-family: jost,sans-serif;\n      margin-top: 14px;\n      margin-bottom: 30px;\n      color: #fff;\n      font-size: 15px !important;\n      color: black !important;\n\n      }\n\n      .wp-block-tnp-minimal{\n      padding:20px;\n      border: 1px solid grey;\n      }\n\n      .tnp-submit a{\n        background: #1d58c7!important;\n    border-radius: 5px!important;\n    text-transform: inherit!important;\n    padding: 8px 25px!important;\n    font-weight: 600!important;\n    color: #fff!important;\n    width: 30%!important;\n    border: none;\n      }\n\n      .blog_get{\n      font-size: 24px !important;\n      font-weight: 700;\n      padding-bottom: 0px;\n    font-family: 'Poppins' !important;\n      margin-bottom: 0px;\n      margin-top: 0px;\n      margin-bottom: 0px !important;\n      color: white;\n          line-height: 30px;\n          color: white;\n      }\n      .row{\n             display: flex;\n    flex-wrap: wrap;\n    flex-direction: row;\n    padding: 25px 0px 25px 36px;\n    align-items: center;\n\n      }\n\n.colLeft{\n         flex-basis:50%;\n    -webkit-box-flex: 0;\n    flex-grow: 0;\n    max-width: 50%;\n    color: white;\n}\n    \n .colRight{\n       flex-basis: 45%;\n    -webkit-box-flex: 0;\n    flex-grow: 0;\n    max-width: 50%;\n }\n\n.tnp-subscription-minimal{\n    float: right;\n}\n<\/style>\n<div style=\"max-width: 741px; margin: 0 auto; background-image: url('https:\/\/awareness.threatcop.ai\/marketing\/linkedinlowerbanner.webp'); background-repeat: no-repeat; background-size: cover; background-position: center; \">\n<div class=\"row\">\n<div class=\"colLeft\">\n<p class=\"blog_get\" style=\"font-family: 'Poppins' !important; color: white !important\">Subscribe to Our Newsletter On Linkedin<\/p>\n<p class=\"blog_para\" style=\"font-size: 16px;font-family: 'Poppins' !important; color: white !important; margin-top: 10px; margin-bottom: 28px;line-height: 25px;\">Sign up to Stay Tuned with the Latest Cyber Security News and Updates<\/p>\n\n<div>\n<div class=\"tnp\" style=\"margin-bottom: 10px;\">\n            <form action=\"https:\/\/threatcop.com\/newsletter-thank-you\" method=\"get\" target=\"_blank\">\n<div class=\"tnp-submit\">\n                  <a class=\"libutton\" href=\"https:\/\/www.linkedin.com\/build-relation\/newsletter-follow?entityUrn=7062043746430783488\" target=\"_blank\" rel=\"noopener\">Subscribe<\/a><\/div>\n<\/form><\/div>\n<\/div>\n<\/div>\n<div class=\"colRight\">\n<div>\n<div class=\"tnp tnp-subscription-minimal \">\n            <img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/newsletter-icon.webp\" class=\"img-fluid\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">The Middle Eastern countries were the most affected region. During the pandemic, <\/span><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/www.linkedin.com\/pulse\/biggest-cyber-attacks-middle-east-2022-threatcop\"><b>Saudi Arabia and UAE<\/b><\/a><\/span><b> witnessed a 168% and 230% rise in phishing attacks respectively. Recently, another hacker group has come to light, which has used similar tactics to target the Middle East population. <\/b><span style=\"font-weight: 400;\">One such threat operator, the PostalFurious gang, impersonated postal brands and toll operators in the UAE to carry out phishing campaigns. The hacker group used phishing texts and iMessages in the UAE, tricking victims into entering personal and payment data on fake payment pages.&nbsp;<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">The threat actor, first identified by Group-IB in April 2023, has been impersonating toll operators and postal brands to target customers in the Asia-Pacific region. Scam communications from numerous organizations, including government agencies and well-known brands like DHL, Central Bank, Salik, Emirates Post, and more have been making the rounds in the nation.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Tactics_Behind_the_Sophisticated_Smishing_Campaign\"><\/span><span style=\"color: #000000;\"><b>Tactics Behind the Sophisticated Smishing Campaign<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Group IB can now vouch for the fact that the organization has expanded its reach into the Middle East. Local officials issued a warning about a scam campaign in which threat actors pretended to be road toll operators at the beginning of May 2023. The Digital Crime Resistance Centre of Group-IB in Dubai was able to link PostalFurious to this campaign and another recent fraud operation that pretended to be a postal service and targeted people in the Middle East. The cybersecurity group has also found that 270 domains are impersonating renowned postal service brands.<\/span><\/p>\n\n\n\n<!DOCTYPE html>\n<html lang=\"en\">\n\n<head>\n    <meta charset=\"UTF-8\">\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n    <title>Document<\/title>\n<\/head>\n\n<style>\n    .interestedBtn {\n        width: 80% !important;\n        box-sizing: border-box !important;\n        display: inline-block !important;\n        padding: 11px !important;\n        border: 1px !important;\n        border-color: #ddd !important;\n        margin-top: 10px !important;\n        background-color: #183e8b !important;\n        background-image: none !important;\n        text-shadow: none !important;\n        color: #fff !important;\n        font-size: 14px !important;\n        line-height: 20px !important;\n        border-radius: 5px !important;\n        margin: 0 !important;\n        cursor: pointer !important;\n        box-shadow: 0px 4.66px 22.99px 0px rgba(0, 0, 0, 0.10);;\n    }\n\n\n        .formSec .formSecTwo{\n            padding-top: 15px !important;\n            margin-bottom: 30px !important;\n        }\n\n\n    .tnp-email {\n        width: 80% !important;\n        box-sizing: border-box;\n        padding: 8px 10px;\n        display: inline-block;\n        border: 1px solid #ced4da;\n        background: #fff;\n        color: #000 !important;\n        font-size: 13px;\n        line-height: 20px;\n        border-radius: 2px;\n        padding-right: 30px;\n        margin-bottom: 0px;\n    }\n\n    .formSec {\n        border: 1px solid #ced4da;\n        float: left !important;\n        width: 55% !important;\n    }\n\n    .mainBox {\n       \/* border: 1px solid #183e8b;*\/\n         background: white;\n        max-width: 600px !important;\n        margin: 0 auto !important;\n        padding: 20px !important;\n        font-family: Arial, Helvetica, sans-serif !important;\n    }\n\n    .boxDiv {\n        display: flex !important;\n    }\n\n    .boxConsult {\n        float: left !important;\n        width: 45% !important;\n        padding: 10px !important;\n    }\n\n    .formSecTwo {\n        text-align:center !important;\n        width: 100% !important;\n    }\n\n    .formHeading {\n        font-family: Arial, Helvetica, sans-serif;\n        margin-top: 0px;\n        font-weight: 700;\n        line-height: 25px;\n        font-size: 18px !important;\n        \n       margin-bottom: 60px !important;\n       color: #000!important;\n          margin-top: 5px !important;\n    }\n\n    .fieldHeading {\n        margin: 0 !important;\n        font-size: 13px !important;\n        text-align: left !important;\n        margin: 0px 39px 2px 93px !important;\n        font-weight: 500 !important;\n    }\n\n    .image {\n        max-width:90% !important;\n        height: auto !important;\n    }\n\n     .email-icon {\n            position: absolute;\n            right: 50px;\n             top: 20px;\n            transform: translateY(-50%);\n            pointer-events: none; \n        }\n\n          .email-container{\n             position: relative;\n         \n        }\n       \n\n        .email-icon img{\n                 width: 15px;\n        }\n\n\n         input::placeholder {\n            color:#495057;\n        }\n\n\n     ::placeholder {\n        color: #495057;\n    }\n\n        ::-ms-input-placeholder { \n          color:#495057;\n        }\n\n\n        input:-webkit-autofill {\n            background-color: transparent !important;\n            -webkit-box-shadow: 0 0 0px 1000px white inset !important; \n            box-shadow: 0 0 0px 1000px white inset !important;\n            color: #495057 !important; \n        }\n\n        \n        input {\n            color:#495057 !important;\n        }\n\n\n    @media screen and (max-width: 480px) {\n        .boxDiv {\n            display: block !important;\n            padding: 15px !important;\n         \n        }\n\n        .image{\n        width: 80% !important;\n         margin-bottom: 14px;\n        }\n        .fieldHeading {\n            text-align: left !important;\n            margin: unset !important;\n        }\n\n        .boxConsult {\n            width: unset !important;\n            float: none !important;\n        }\n\n        .mainBox {\n            border: unset !important;\n        }\n\n        .formSec {\n            float: unset !important;\n            width: 100% !important;\n        }\n\n        .formSecTwo {\n            text-align: center !important;\n        }\n\n        .tnp-email {\n            width: 90% !important;\n        }\n\n        .formHeading {\n            margin-bottom: unset !important;\n        }\n\n         .email-icon {\n            position: absolute;\n            right: 25px;\n            top: 58%;\n            transform: translateY(-50%);\n            pointer-events: none; \/* Make sure the icon doesn't block clicking on the input *\/\n        }\n       \n        .email-container{\n             position: relative;\n        }\n\n    }\n<\/style>\n\n<body>\n\n    <div class=\"mainBox\" box-sizing:=\"\" border-box;=\"\">\n\n        <div class=\"boxDiv\">\n\n            <div class=\"boxConsult\">\n                <div>\n                    <h3 class=\"formHeading\" style=\" font-size: 16px !important;\"><span class=\"ez-toc-section\" id=\"Book_a_Free_Demo_Call_with_Our_People_Security_Expert\"><\/span>\n                        Book a Free Demo Call with Our People Security Expert<span class=\"ez-toc-section-end\"><\/span><\/h3>\n                <\/div>\n                <img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/form.svg\" class=\"image\">\n            <\/div>\n\n            <div class=\"formSec\">\n                <div class=\" formSecTwo\">\n                    <h4 style=\"margin-top: 0; font-size: 16px !important;\"><span class=\"ez-toc-section\" id=\"Enter_your_details\"><\/span>Enter your details<span class=\"ez-toc-section-end\"><\/span><\/h4>\n                    <div class=\"tnp tnp-subscription-minimal\">\n                        <form action=\"https:\/\/threatcop.com\/thankyou-blog\" method=\"get\" target=\"_blank\">\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n\n                                <input class=\"tnp-email\" type=\"text\" required=\"\" name=\"FullName\" value=\"\"\n                                    placeholder=\"Full Name\">\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon01.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n                               \n                                <input class=\"tnp-email\" type=\"email\" required=\"\" name=\"email\" value=\"\"\n                                    placeholder=\"Corporate Email Id\">\n                                     <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon02.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n                               \n                                <input class=\"tnp-email\" type=\"text\" required=\"\" name=\"CompanyName\" value=\"\"\n                                    placeholder=\"Company Name\">\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon03.svg\" class=\"img-fluid\" \/><\/span>\n\n                            <\/div>\n\n                            <div class=\"email-container\">\n                               \n                                <input class=\"tnp-email\" type=\"number\" required=\"\" name=\"Phone\" value=\"\"\n                                    placeholder=\"Phone No.\"><br>\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon04.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n                            <input type=\"hidden\" name=\"BlogForm\" value=\"BlogForm\"><br>\n                            <input class=\"tnp-submit interestedBtn\" name=\"submit\" type=\"submit\"\n                                value=\"SUBMIT\">\n\n                        <\/form>\n                    <\/div>\n                <\/div>\n            <\/div>\n\n        <\/div>\n    <\/div>\n\n<\/body>\n\n<\/html>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">The phishing websites could only be accessed from IP addresses in the UAE and employed access-control measures to circumvent automatic detection. Based on shared infrastructure and code seen in earlier APAC activities, Group-IB connected these campaigns to PostalFurious. It is possible that skilled phishing actors were involved given the usage of Laravel as an administration panel and remarks in simplified Chinese in the phishing code.&nbsp;<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Here_is_the_Breakdown_of_the_Smishing_Attack_in_the_UAE\"><\/span><b>Here is the Breakdown of the Smishing Attack in the UAE<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400; color: #000000;\">The hacker group pretended to be toll operators and postal companies asking target customers to make payment of a vehicle toll to avoid fines.\u00a0<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">To hide the actual phishing address, a shortened URL is used in the SMS phishing campaign.<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">When a user opens the link, they are taken to a bogus payment page with a phoney brand name.<\/span><\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image wp-image-9503\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"1057\" height=\"766\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/09\/Phishing-SMS.png\" alt=\"Payment page used in postalfurious attack \" class=\"wp-image-9503\"\/><figcaption class=\"wp-element-caption\"><span style=\"color: #000000;\">The bogus payment page used in the attack<\/span><\/figcaption><\/figure>\n<\/div>\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400; color: #000000;\">Threat actors asked for personal information such as name, address, and card details.<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">They used the official branding and logo of the impersonated postal services provider.<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">The numbers from which messages were sent to many telecom company customers were registered in Thailand and Malaysia.<\/span><\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image wp-image-9504\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"870\" height=\"1500\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/09\/Breakdown-of-the-attack.png\" alt=\"Breakdown of Postalfurious attack\" class=\"wp-image-9504\"\/><figcaption class=\"wp-element-caption\"><span style=\"color: #000000;\">Breakdown of the attack<\/span><\/figcaption><\/figure>\n<\/div>\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400; color: #000000;\">The exact impact and scale of the attack is unknown but hackers also sent messages through email addresses via Apple iMessage.<\/span><\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image wp-image-9505\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"1010\" height=\"1000\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/09\/iMessages.png\" alt=\"iMessage sent in the postalfurious attack\" class=\"wp-image-9505\"\/><figcaption class=\"wp-element-caption\"><span style=\"color: #000000;\">iMessages<\/span><\/figcaption><\/figure>\n<\/div>\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400; color: #000000;\">To increase their reach, threat actors constantly register new phishing domains.<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Both phishing efforts used the same web servers to host their phishing resources and used the same layout for their fak<\/span><span style=\"font-weight: 400; color: #000000;\">e payment pages.<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">These campaigns&#8217; architecture and code are similar to earlier PostalFurious campaigns in the Asia-Pacific area.<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Attacks on the Middle Eastern and Asia-Pacific markets use the Laravel administration panel.<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">The phishing websites&#8217; source code includes remarks written in simplified Chinese.<\/span><\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image alignnone size-full wp-image-9506\"><img loading=\"lazy\" decoding=\"async\" width=\"746\" height=\"231\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/09\/code.png\" alt=\"CODE \" class=\"wp-image-9506\"\/><figcaption class=\"wp-element-caption\"><span style=\"color: #000000;\">Code<\/span><\/figcaption><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400; color: #000000;\">The Group-IB did not disclose the name of the organizations who were impersonated by PostalFurious but Dubai\u2019s road toll system operator Salik issued a warning on Twitter regarding the circulation of false messages.<\/span><\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"617\" height=\"682\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/09\/Screenshot-2023-09-11-151311.png\" alt=\"Twitter screenshot\" class=\"wp-image-9508\"\/><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">According to information provided by Group-IB, the fraud has been active at least since April 15, 2023, with the aim of compromising victims&#8217; financial information. On April 29, the same scam was reintroduced, and the con artists used the same servers to host a new network of phishing websites. This time, Emirates Post was the impostor company. The Chinese-speaking community known as PostalFurious has purportedly existed since 2021. The gang&#8217;s choice to imitate postal brands and its ability to establish sizable network infrastructures that are often updated to prevent detection led to the naming of the organization.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><b>Also Read:<\/b><\/span> <a href=\"https:\/\/threatcop.com\/blog\/types-of-social-engineering-attacks\/\"><b><span style=\"color: #183994;\">A Brief Guide to Types of Social Engineering Attacks<\/span><\/b><\/a><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"1000\" height=\"1000\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/09\/Postalfurious.jpg\" alt=\"About the Postalfurious\" class=\"wp-image-9509\"\/><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">The bogus payment pages shared a similar layout to the Salik and Emirates Post scam schemes, which were both hosted on the same web servers. Both forgeries used the identical components and codes that the cybersecurity company had previously noted in their infrastructure.&nbsp;<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><b>Read More: <\/b><\/span><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/blog\/types-and-techniques-of-phishing-attacks\/\"><b>Types and Techniques of Phishing Attacks &amp; How to Identify<\/b><\/a><\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"People_Security_Management_Can_Help_Your_Organization\"><\/span><b>People Security Management Can Help Your Organization<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400;\"><span style=\"color: #000000;\">Phishing continues to pose a significant threat to cybersecurity, and its effectiveness can largely be attributed to human error. Despite advancements in technology and security measures, cybercriminals consistently exploit the vulnerabilities of human behavior to carry out successful<\/span> <\/span><a href=\"https:\/\/threatcop.com\/blog\/types-and-techniques-of-phishing-attacks\/\"><b><span style=\"color: #183994;\">phishing attacks<\/span><\/b><\/a><span style=\"font-weight: 400;\">. <span style=\"color: #000000;\">They craft deceptive emails and messages that trick unsuspecting individuals into revealing sensitive information, such as login credentials, financial details, or personal data. We have read about such cases where<\/span><\/span><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/blog\/coinbase-data-breach\/\"><b> the unawareness of employees has led to a major cyber breach<\/b><\/a><b>.<\/b><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Human error plays a crucial role in phishing attacks. Employees may unknowingly click on malicious links or download infected attachments, providing hackers with access to corporate networks. In other cases, individuals may fall victim to <\/span><a href=\"https:\/\/threatcop.com\/blog\/social-engineering-attack\/\"><b><span style=\"color: #183994;\">social engineering tactics<\/span><\/b><\/a><span style=\"font-weight: 400;\">, <span style=\"color: #000000;\">such as impersonation or urgency tactics, leading them to disclose confidential information or execute unauthorized transactions. These mistakes can have severe consequences, leading to data breaches, financial loss, reputational damage, and compromised network security.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><b>You can also read:<\/b><\/span> <span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/blog\/top-5-cyber-attacks-and-security-breaches-due-to-human-error\/\"><b>Top 5 Cyber Attacks and Security Breaches Due to Human Error<\/b><\/a><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">To combat phishing effectively, organizations need to prioritize People Security management. This involves educating and training employees on recognizing and responding to phishing attempts. To empower employees through the AAPE Model, we<\/span><b> assess<\/b><span style=\"font-weight: 400;\"> the weakest links, raise <\/span><b>awareness<\/b><span style=\"font-weight: 400;\">, provide robust <\/span><b>protection<\/b><span style=\"font-weight: 400;\">, and <\/span><b>empower<\/b><span style=\"font-weight: 400;\"> employees to defend against cyber threats. By making employees aware of the various techniques used by cybercriminals, individuals can become more vigilant and cautious when interacting with suspicious emails, messages, or websites.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">No matter how many firewalls and security tools you put in place, some phishing emails will still find their way into your employees\u2019 inboxes and that&#8217;s where the <\/span><span style=\"color: #183994;\"><strong><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/threatcop-phishing-incident-response?utm_source=blog&amp;utm_medium=organic\">TPIR<\/a><\/strong><\/span><span style=\"font-weight: 400;\"><strong> (Threatcop Phishing Incident Response)<\/strong> tool empowers your employees to identify and report suspicious emails with a click.&nbsp; <\/span><strong><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/threatcop-security-awareness-training?utm_source=blog&amp;utm_medium=organic\">TSAT<\/a><\/span><\/strong><span style=\"font-weight: 400;\"><strong> (Threatcop Security Awareness and Training)<\/strong> helps in simulating five different kinds of cyber-attacks including phishing, vishing, smishing, and ransomware.&nbsp;<\/span><\/span><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">An additional feature of this tool is that you can customize the campaign templates to launch highly realistic dummy cyber attacks for maximum impact.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">These solutions provide employees with the knowledge, skills, and tools necessary to identify and report phishing attempts, thus strengthening the overall cybersecurity posture of the organization.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><b>Read More: <\/b><\/span><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/blog\/defend-social-engineering-attacks-in-middle-east\/\"><b>How the Middle East Can Defend Social Engineering Attacks<\/b><\/a><\/span><\/p>\n\n\n<style type=\"text\/css\">\n      @media print, screen and (max-width: 63.99875em){\n      .tnp-submit\n      width: 48%;\n      }\n      .wp-block-tnp-minimal{\n      padding: 20px;\n      }\n      .blog_para\n      margin-top: 4px !important;\n      line-height: 25px !important;\n      font-size: 15px !important;\n      }\n\n      }\n      .blog_para{\n      font-family: jost,sans-serif;\n      margin-top: 14px;\n      margin-bottom: 30px;\n      color: #fff;\n      font-size: 15px !important;\n      color: black !important;\n\n      }\n\n      .wp-block-tnp-minimal{\n      padding:20px;\n      border: 1px solid grey;\n      }\n\n      .tnp-submit a{\n        background: #1d58c7!important;\n    border-radius: 5px!important;\n    text-transform: inherit!important;\n    padding: 8px 25px!important;\n    font-weight: 600!important;\n    color: #fff!important;\n    width: 30%!important;\n    border: none;\n      }\n\n      .blog_get{\n      font-size: 24px !important;\n      font-weight: 700;\n      padding-bottom: 0px;\n    font-family: 'Poppins' !important;\n      margin-bottom: 0px;\n      margin-top: 0px;\n      margin-bottom: 0px !important;\n      color: white;\n          line-height: 30px;\n          color: white;\n      }\n      .row{\n             display: flex;\n    flex-wrap: wrap;\n    flex-direction: row;\n    padding: 25px 0px 25px 36px;\n    align-items: center;\n\n      }\n\n.colLeft{\n         flex-basis:50%;\n    -webkit-box-flex: 0;\n    flex-grow: 0;\n    max-width: 50%;\n    color: white;\n}\n    \n .colRight{\n       flex-basis: 45%;\n    -webkit-box-flex: 0;\n    flex-grow: 0;\n    max-width: 50%;\n }\n\n.tnp-subscription-minimal{\n    float: right;\n}\n<\/style>\n<div style=\"max-width: 741px; margin: 0 auto; background-image: url('https:\/\/awareness.threatcop.ai\/marketing\/linkedinlowerbanner.webp'); background-repeat: no-repeat; background-size: cover; background-position: center; \">\n<div class=\"row\">\n<div class=\"colLeft\">\n<p class=\"blog_get\" style=\"font-family: 'Poppins' !important; color: white !important\">Subscribe to Our Newsletter On Linkedin<\/p>\n<p class=\"blog_para\" style=\"font-size: 16px;font-family: 'Poppins' !important; color: white !important; margin-top: 10px; margin-bottom: 28px;line-height: 25px;\">Sign up to Stay Tuned with the Latest Cyber Security News and Updates<\/p>\n\n<div>\n<div class=\"tnp\" style=\"margin-bottom: 10px;\">\n            <form action=\"https:\/\/threatcop.com\/newsletter-thank-you\" method=\"get\" target=\"_blank\">\n<div class=\"tnp-submit\">\n                  <a class=\"libutton\" href=\"https:\/\/www.linkedin.com\/build-relation\/newsletter-follow?entityUrn=7062043746430783488\" target=\"_blank\" rel=\"noopener\">Subscribe<\/a><\/div>\n<\/form><\/div>\n<\/div>\n<\/div>\n<div class=\"colRight\">\n<div>\n<div class=\"tnp tnp-subscription-minimal \">\n            <img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/newsletter-icon.webp\" class=\"img-fluid\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"FAQs_PostalFurious_Strikes_in_UAE\"><\/span><strong>FAQs: PostalFurious Strikes in UAE<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<div class=\"schema-faq wp-block-yoast-faq-block\"><div class=\"schema-faq-section\" id=\"faq-question-1694433822980\"><strong class=\"schema-faq-question\"><strong>What is smishing and how does a smishing attack work?<\/strong><\/strong> <p class=\"schema-faq-answer\">Smishing is a form of phishing that involves sending deceptive text messages or SMS (Short Message Service) to trick individuals into revealing sensitive information or performing certain actions.\u00a0<br\/>In smishing attacks, cybercriminals send fraudulent text messages pretending to be legitimate entities, such as toll operators or postal services. They include links or instructions that lead recipients to fake websites, where they are prompted to enter personal and payment information.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1694433861491\"><strong class=\"schema-faq-question\"><strong>Who is the PostalFurious gang?<\/strong><\/strong> <p class=\"schema-faq-answer\">PostalFurious is a threat group known for carrying out phishing campaigns by impersonating toll operators and postal brands. They have targeted customers in the UAE and Asia-Pacific region.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1694433932430\"><strong class=\"schema-faq-question\"><strong>How can individuals protect themselves from smishing attacks?<\/strong><\/strong> <p class=\"schema-faq-answer\">To protect against smishing attacks, individuals should be cautious of messages from unknown or untrusted senders, avoid clicking on suspicious links, never provide personal or financial information in response to unsolicited messages, and regularly update their devices with security patches. Phishing incident response tools like <a href=\"https:\/\/threatcop.com\/threatcop-phishing-incident-response?utm_source=blog&amp;utm_medium=organic\"><strong>TPIR<\/strong> <\/a>can help in the quick detection of malicious emails and their elimination from the inboxes of employees. It empowers employees to identify and report suspicious emails immediately.\u00a0<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1694433954812\"><strong class=\"schema-faq-question\"><strong>What is People Security management?<\/strong><\/strong> <p class=\"schema-faq-answer\">People Security management focuses on educating and training individuals to be more aware of cybersecurity risks and to make informed security decisions. It aims to empower employees to defend against cyber threats by raising awareness and implementing robust security measures.<br\/><br\/><strong>This solution follows the Assess, Aware, Protect, Empower (AAPE) model.<\/strong> They assess the weakest links in an organization&#8217;s security posture and raise awareness about phishing techniques and best practices through comprehensive training programs. And empower employees to defend against cyber threats by equipping them with the knowledge, skills, and tools necessary to identify and respond to phishing attempts.<br\/><\/p> <\/div> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>The whole world was highly affected by the pandemic, and one of the key elements that evolved during that time was digitization. As the world was forced to stay indoors, its dependence on technology increased exponentially. The increase in online shopping during the pandemic gave cybercriminals a perfect chance to come up with new ways [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":10347,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[41,43],"tags":[],"class_list":["post-9502","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-attacks","category-social-engineering"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>PostalFurious attacks in UAE: Anatomy of a Smishing Campaign<\/title>\n<meta name=\"description\" content=\"PostalFurious gang, impersonated postal brands and toll operators in the UAE to carry out phishing campaigns.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"PostalFurious attacks in UAE: Anatomy of a Smishing Campaign\" \/>\n<meta property=\"og:description\" content=\"PostalFurious gang, impersonated postal brands and toll operators in the UAE to carry out phishing campaigns.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/\" \/>\n<meta property=\"og:site_name\" content=\"Threatcop\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/\" \/>\n<meta property=\"article:published_time\" content=\"2023-10-30T13:16:07+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-08-13T07:26:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/Postal.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"512\" \/>\n\t<meta property=\"og:image:height\" content=\"492\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ritu Yadav\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatcop\" \/>\n<meta name=\"twitter:site\" content=\"@threatcop\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ritu Yadav\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/\"},\"author\":{\"name\":\"Ritu Yadav\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/22d5f1d29bffa611a2e16b7e46659bce\"},\"headline\":\"PostalFurious Strikes in UAE: Anatomy of a Smishing Campaign\",\"datePublished\":\"2023-10-30T13:16:07+00:00\",\"dateModified\":\"2024-08-13T07:26:50+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/\"},\"wordCount\":1496,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/Postal.jpg\",\"articleSection\":[\"Cyber Attacks\",\"Social Engineering\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#respond\"]}]},{\"@type\":[\"WebPage\",\"FAQPage\"],\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/\",\"name\":\"PostalFurious attacks in UAE: Anatomy of a Smishing Campaign\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/Postal.jpg\",\"datePublished\":\"2023-10-30T13:16:07+00:00\",\"dateModified\":\"2024-08-13T07:26:50+00:00\",\"description\":\"PostalFurious gang, impersonated postal brands and toll operators in the UAE to carry out phishing campaigns.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#breadcrumb\"},\"mainEntity\":[{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#faq-question-1694433822980\"},{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#faq-question-1694433861491\"},{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#faq-question-1694433932430\"},{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#faq-question-1694433954812\"}],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#primaryimage\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/Postal.jpg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/Postal.jpg\",\"width\":512,\"height\":492,\"caption\":\"Postalfurious\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"PostalFurious Strikes in UAE: Anatomy of a Smishing Campaign\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"name\":\"Threatcop\",\"description\":\"Cybersecurity Blogs, News, Updates, and Articles\",\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\",\"name\":\"Threatcop\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/threatcop-logo-black-1.png\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/threatcop-logo-black-1.png\",\"width\":432,\"height\":102,\"caption\":\"Threatcop\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/people\\\/Threatcop\\\/100083109892339\\\/\",\"https:\\\/\\\/x.com\\\/threatcop\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/threatcop\\\/\",\"https:\\\/\\\/www.instagram.com\\\/threatcop_official\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/22d5f1d29bffa611a2e16b7e46659bce\",\"name\":\"Ritu Yadav\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/Ritu-edited.jpg\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/Ritu-edited.jpg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/Ritu-edited.jpg\",\"caption\":\"Ritu Yadav\"},\"description\":\"Technical Content Writer at Threatcop Ritu Yadav is a seasoned Technical Content Writer at Threatcop, leveraging her extensive experience as a former journalist with leading media organizations. Her expertise bridges the worlds of in-depth research on cybersecurity, delivering informative and engaging content.\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#faq-question-1694433822980\",\"position\":1,\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#faq-question-1694433822980\",\"name\":\"What is smishing and how does a smishing attack work?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Smishing is a form of phishing that involves sending deceptive text messages or SMS (Short Message Service) to trick individuals into revealing sensitive information or performing certain actions.\u00a0<br \\\/>In smishing attacks, cybercriminals send fraudulent text messages pretending to be legitimate entities, such as toll operators or postal services. They include links or instructions that lead recipients to fake websites, where they are prompted to enter personal and payment information.\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#faq-question-1694433861491\",\"position\":2,\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#faq-question-1694433861491\",\"name\":\"Who is the PostalFurious gang?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"PostalFurious is a threat group known for carrying out phishing campaigns by impersonating toll operators and postal brands. They have targeted customers in the UAE and Asia-Pacific region.\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#faq-question-1694433932430\",\"position\":3,\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#faq-question-1694433932430\",\"name\":\"How can individuals protect themselves from smishing attacks?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"To protect against smishing attacks, individuals should be cautious of messages from unknown or untrusted senders, avoid clicking on suspicious links, never provide personal or financial information in response to unsolicited messages, and regularly update their devices with security patches. Phishing incident response tools like <a href=\\\"https:\\\/\\\/threatcop.com\\\/threatcop-phishing-incident-response?utm_source=blog&amp;utm_medium=organic\\\"><strong>TPIR<\\\/strong> <\\\/a>can help in the quick detection of malicious emails and their elimination from the inboxes of employees. It empowers employees to identify and report suspicious emails immediately.\u00a0\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#faq-question-1694433954812\",\"position\":4,\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/postalfurious-smishing-campaign-in-uae\\\/#faq-question-1694433954812\",\"name\":\"What is People Security management?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"People Security management focuses on educating and training individuals to be more aware of cybersecurity risks and to make informed security decisions. It aims to empower employees to defend against cyber threats by raising awareness and implementing robust security measures.<br \\\/><br \\\/><strong>This solution follows the Assess, Aware, Protect, Empower (AAPE) model.<\\\/strong> They assess the weakest links in an organization's security posture and raise awareness about phishing techniques and best practices through comprehensive training programs. And empower employees to defend against cyber threats by equipping them with the knowledge, skills, and tools necessary to identify and respond to phishing attempts.<br \\\/>\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"PostalFurious attacks in UAE: Anatomy of a Smishing Campaign","description":"PostalFurious gang, impersonated postal brands and toll operators in the UAE to carry out phishing campaigns.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/","og_locale":"en_US","og_type":"article","og_title":"PostalFurious attacks in UAE: Anatomy of a Smishing Campaign","og_description":"PostalFurious gang, impersonated postal brands and toll operators in the UAE to carry out phishing campaigns.","og_url":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/","og_site_name":"Threatcop","article_publisher":"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","article_published_time":"2023-10-30T13:16:07+00:00","article_modified_time":"2024-08-13T07:26:50+00:00","og_image":[{"width":512,"height":492,"url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/Postal.jpg","type":"image\/jpeg"}],"author":"Ritu Yadav","twitter_card":"summary_large_image","twitter_creator":"@threatcop","twitter_site":"@threatcop","twitter_misc":{"Written by":"Ritu Yadav","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#article","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/"},"author":{"name":"Ritu Yadav","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/22d5f1d29bffa611a2e16b7e46659bce"},"headline":"PostalFurious Strikes in UAE: Anatomy of a Smishing Campaign","datePublished":"2023-10-30T13:16:07+00:00","dateModified":"2024-08-13T07:26:50+00:00","mainEntityOfPage":{"@id":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/"},"wordCount":1496,"commentCount":0,"publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"image":{"@id":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/Postal.jpg","articleSection":["Cyber Attacks","Social Engineering"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#respond"]}]},{"@type":["WebPage","FAQPage"],"@id":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/","url":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/","name":"PostalFurious attacks in UAE: Anatomy of a Smishing Campaign","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#primaryimage"},"image":{"@id":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/Postal.jpg","datePublished":"2023-10-30T13:16:07+00:00","dateModified":"2024-08-13T07:26:50+00:00","description":"PostalFurious gang, impersonated postal brands and toll operators in the UAE to carry out phishing campaigns.","breadcrumb":{"@id":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#breadcrumb"},"mainEntity":[{"@id":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#faq-question-1694433822980"},{"@id":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#faq-question-1694433861491"},{"@id":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#faq-question-1694433932430"},{"@id":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#faq-question-1694433954812"}],"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#primaryimage","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/Postal.jpg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/Postal.jpg","width":512,"height":492,"caption":"Postalfurious"},{"@type":"BreadcrumbList","@id":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/threatcop.com\/blog\/"},{"@type":"ListItem","position":2,"name":"PostalFurious Strikes in UAE: Anatomy of a Smishing Campaign"}]},{"@type":"WebSite","@id":"https:\/\/threatcop.com\/blog\/#website","url":"https:\/\/threatcop.com\/blog\/","name":"Threatcop","description":"Cybersecurity Blogs, News, Updates, and Articles","publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/threatcop.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/threatcop.com\/blog\/#organization","name":"Threatcop","url":"https:\/\/threatcop.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/06\/threatcop-logo-black-1.png","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/06\/threatcop-logo-black-1.png","width":432,"height":102,"caption":"Threatcop"},"image":{"@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","https:\/\/x.com\/threatcop","https:\/\/www.linkedin.com\/company\/threatcop\/","https:\/\/www.instagram.com\/threatcop_official\/"]},{"@type":"Person","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/22d5f1d29bffa611a2e16b7e46659bce","name":"Ritu Yadav","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/11\/Ritu-edited.jpg","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/11\/Ritu-edited.jpg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/11\/Ritu-edited.jpg","caption":"Ritu Yadav"},"description":"Technical Content Writer at Threatcop Ritu Yadav is a seasoned Technical Content Writer at Threatcop, leveraging her extensive experience as a former journalist with leading media organizations. Her expertise bridges the worlds of in-depth research on cybersecurity, delivering informative and engaging content."},{"@type":"Question","@id":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#faq-question-1694433822980","position":1,"url":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#faq-question-1694433822980","name":"What is smishing and how does a smishing attack work?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Smishing is a form of phishing that involves sending deceptive text messages or SMS (Short Message Service) to trick individuals into revealing sensitive information or performing certain actions.\u00a0<br \/>In smishing attacks, cybercriminals send fraudulent text messages pretending to be legitimate entities, such as toll operators or postal services. They include links or instructions that lead recipients to fake websites, where they are prompted to enter personal and payment information.","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"Question","@id":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#faq-question-1694433861491","position":2,"url":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#faq-question-1694433861491","name":"Who is the PostalFurious gang?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"PostalFurious is a threat group known for carrying out phishing campaigns by impersonating toll operators and postal brands. They have targeted customers in the UAE and Asia-Pacific region.","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"Question","@id":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#faq-question-1694433932430","position":3,"url":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#faq-question-1694433932430","name":"How can individuals protect themselves from smishing attacks?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"To protect against smishing attacks, individuals should be cautious of messages from unknown or untrusted senders, avoid clicking on suspicious links, never provide personal or financial information in response to unsolicited messages, and regularly update their devices with security patches. Phishing incident response tools like <a href=\"https:\/\/threatcop.com\/threatcop-phishing-incident-response?utm_source=blog&amp;utm_medium=organic\"><strong>TPIR<\/strong> <\/a>can help in the quick detection of malicious emails and their elimination from the inboxes of employees. It empowers employees to identify and report suspicious emails immediately.\u00a0","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"Question","@id":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#faq-question-1694433954812","position":4,"url":"https:\/\/threatcop.com\/blog\/postalfurious-smishing-campaign-in-uae\/#faq-question-1694433954812","name":"What is People Security management?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"People Security management focuses on educating and training individuals to be more aware of cybersecurity risks and to make informed security decisions. It aims to empower employees to defend against cyber threats by raising awareness and implementing robust security measures.<br \/><br \/><strong>This solution follows the Assess, Aware, Protect, Empower (AAPE) model.<\/strong> They assess the weakest links in an organization's security posture and raise awareness about phishing techniques and best practices through comprehensive training programs. And empower employees to defend against cyber threats by equipping them with the knowledge, skills, and tools necessary to identify and respond to phishing attempts.<br \/>","inLanguage":"en-US"},"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/9502","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/comments?post=9502"}],"version-history":[{"count":15,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/9502\/revisions"}],"predecessor-version":[{"id":11733,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/9502\/revisions\/11733"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media\/10347"}],"wp:attachment":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media?parent=9502"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/categories?post=9502"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/tags?post=9502"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}