Exposing a Global Smishing Operation Across 19 Countries: Governments, Postal Services, and Telecoms Targeted

A coordinated smishing operation spanning 19 countries across Europe, the Americas, and the Caucasus has been exposed, originating from fraudulent SMS messages impersonating Romania's government payment portal Ghișeul.ro. Investigation revealed 1,628 malicious URLs linked by a single 128-character campaign identifier, targeting government portals, traffic police departments, postal services including DPD and SEUR, tax authorities, and telecommunications providers like T-Mobile and Vodafone. The infrastructure utilizes 32 backend IP addresses distributed across Tencent Cloud, Alibaba Cloud, Cloudflare CDN, and ALEXHOST Moldova. Threat actors employ two distinct phishing templates: a Vue.js single-page application and a Bootstrap-based clone, executing a four-stage credential harvesting process that collects complete payment card details through fabricated traffic fines, toll payments, and delivery notifications.

Pulse ID: 6a17527240dde65694eed30e
Pulse Link: https://otx.alienvault.com/pulse/6a17527240dde65694eed30e
Pulse Author: AlienVault
Created: 2026-05-27 20:22:10

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Americas #CDN #Caucasus #Cloud #CredentialHarvesting #CyberSecurity #Europe #Government #InfoSec #OTX #OpenThreatExchange #Phishing #RAT #SMS #Smishing #Telecom #Telecommunication #bot #AlienVault

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange

⚠️ Right now a wave of fraudulent SMS messages is spreading in which attackers pose as the Police of the Czech Republic (Policie ČR) and demand payment of a fine via a link. This is smishing. Do not click, do not enter anything, and remember: the police do not collect payments via SMS.

#smishing

Supposed “urgent messages” drive a surge in digital fraud cases, UNED warns

The educational institution notes that smishing scams have become “one of the main digital threats” in 2026.
The post Supposed “urgent messages” drive a surge in digital fraud cases, UNED warns first appeared on Semanario Universidad.

#Ciberfraudes #Estafas #Fraudes #País #RolandoRojas #Smishing #Tecnología #Uned #UniversidadEstatalADistancia #ÚltimaHora

https://semanariouniversidad.com/pais/supuestos-mensajes-urgentes-disparan-casos-de-fraudes-digitales-alerta-uned/

⚠️ Fake #INPS fuel bonus turns SMS into credential trap

The lure abuses INPS and a fake "bonus carburante" to push #smishing victims toward credential theft and payment-data harvesting.

🔗 read more: www.cybertrends.it/smishing-inp...

#ransomNews #cybersecurity

Italy among the countries hardest hit by cyber fraud. The brands most often spoofed by phishing in Italy are PayPal, Amazon and Poste Italiane. In their phishing attacks, cybercriminals exploit very well-known brands to increase the credibility of fraudulent emails, SMS messages and notifications.
Scammers operate continuously and ...

https://scienzamagia.eu/world-wide-web/litalia-fra-le-nazioni-piu-colpite-da-frodi-informatiche/

#Cybercrime #cybercriminali #ingegneriasociale #phishing #Poliziapostale #Quishing #smartphone #smishing #truffeinformatiche #typosquatting

Stolen phones - and specifically iPhones - have robust anti-theft protections. They are worthless once they're flagged - locked to their owner. So why are millions still being stolen every year?
In this paper, we uncover a thriving underground marketplace focused on unlocking stolen phones. It is powered by:

Lookalike domains impersonating Apple, Xiaomi, Samsung and other brands
Smishing campaigns targeting device owners
Pay‑as‑you‑go “unlocking” tools sold on Telegram
By pivoting on DNS data, we identified 10,000+ malicious domains and a growing ecosystem turning locked devices into profit at scale.

👉 Read how this supply chain works—from theft to resale—and why it’s growing fast. https://www.infoblox.com/blog/threat-intelligence/lookalike-domains-expose-the-iphone-theft-economy/

#ThreatIntel #CyberSecurity #Phishing #MobileSecurity #iOS #Smishing #dns #threatintelligence #cybercrime #infosec #infoblox #infobloxthreatintel

Inside the Underground Market That Unlocks Stolen iPhones

Stolen iPhones are worthless when locked—until thieves use lookalike domains and underground unlocking tools to bypass Apple’s security and pwn the phone.

Infoblox Blog

And that's already two today. 🤬

#truffe #smishing

I received a very dangerous scam SMS, marked as Nexi, that said you have requested authorization for a payment of 2500€, if it wasn't you contact this number... I looked at the real Nexi SMS messages and they were different; then, checking online, I read about this type of scam, which plays on the immediate need to avoid a scam by contacting this number
#smishing

Industrialized Smishing Infrastructure Targeting the UAE and Singapore Transportation, Government, and Logistics Sectors

Pulse ID: 6a02d9378d3d4adc39e13360
Pulse Link: https://otx.alienvault.com/pulse/6a02d9378d3d4adc39e13360
Pulse Author: Tr1sa111
Created: 2026-05-12 07:39:35

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #Government #ICS #InfoSec #OTX #OpenThreatExchange #Singapore #Smishing #UAE #bot #Tr1sa111
