When security researcher Grant Smith received a text message claiming to be from the United States Postal Service, he initially dismissed it as another scam. However, the situation took a serious turn when his wife inadvertently entered her credit card details into the linked fraudulent website. This personal breach motivated Smith to embark on an in-depth investigation into the scam’s origins.
Smith, the founder of cybersecurity firm Phantom Security, eventually uncovered a large-scale operation involving fake USPS messages designed to collect personal information, including credit card details, from unsuspecting victims. These scams directed recipients to fraudulent websites that prompted them to enter sensitive information.
Smith’s investigation revealed that the scammers used a smishing kit sold on Telegram, linked to a group known as the “Smishing Triad.” The group was not unknown to security researchers, including Resecurity. The scammers operate a sophisticated cyber-criminal organization, primarily engaging in smishing campaigns targeting postal services and their customers worldwide.
The Smishing Triad sent fraudulent SMS and iMessage texts, usually impersonating reputable postal and delivery services like USPS and Royal Mail. These messages warned recipients of undeliverable packages and prompted them to provide personal details, credentials, and payment information.