Beware! Smishing Campaign in the US through iMessage


A new, extensive smishing campaign is targeting the United States, using compromised Apple iCloud accounts to send iMessages with the goal of committing identity theft and financial fraud.

The Chinese-speaking actors behind this campaign are running a package-tracking text scam via iMessage. Their objective is to gather personally identifiable information (PII) and payment details from victims, ultimately for identity theft and credit card fraud, according to Resecurity’s recent analysis.

More details about the campaign

This cybercriminal group, Smishing Triad, is also involved in “fraud-as-a-service,” offering pre-made smishing kits through Telegram for $200 per month. These kits impersonate well-known postal and delivery services in various countries, including the US, the UK, Poland, Sweden, Italy, Indonesia, Malaysia, Japan, and others.

The bad actors set up the smishing lure with great care, so the victim may proceed further without validating the resource.

  • One distinctive aspect of their operation is the use of compromised Apple iCloud accounts to send messages claiming package delivery failures. 
  • These messages prompt recipients to click a link to reschedule the delivery and input their credit card information into a fake form.

Resecurity’s Analysis

Resecurity’s examination of the smishing kit uncovered an SQL injection vulnerability that allowed them to access over 108,044 records of victims’ data. 

The company speculates that the group may have created a hidden channel to collect personal and payment data from members and clients who use their kit.

This tactic, known as tradecraft, is commonly employed by cybercriminals to profit from their clients’ activities or monitor them by logging into an administration panel.

The Telegram group linked to Smishing Triad consists of graphic designers, web developers, and salespeople who oversee developing and marketing high-quality phishing kits on dark web cybercrime forums. 

Several Vietnamese-speaking members collaborate with the primary threat actors, who partner with financially motivated groups to expand their operations.

Smishing Triad is not to be underestimated

Aside from package tracking scams, Smishing Triad is involved in Magecart-like attacks that infect online shopping platforms with malicious code to intercept customer data.

What is a Magecart attack? Sucuri's analysis.

Smishing, which combines social engineering with phishing kits delivered via iMessage and SMS, continues to be a rapidly evolving threat targeting consumers worldwide. 

Since people tend to trust SMS and iMessage communication channels more than email, this attack has successfully compromised numerous victims.

Do you still rely on some platforms?

The use of compromised Apple iCloud accounts and sophisticated phishing kits, coupled with their “fraud-as-a-service” approach, poses a severe risk to individuals’ personal information and financial security. 

As consumers, you must be vigilant when interacting with unexpected messages, even through seemingly trusted channels like iMessage. 

Author: Anas Hasan

Date: September 5, 2023

Anas Hassan is a tech geek and cybersecurity enthusiast. He has vast experience in the digital transformation industry. When Anas isn’t blogging, he watches football games.
