FlagThis

The Lucid PhaaS platform, operated by the XinXin group, is being used in sophisticated smishing campaigns targeting 169 entities across 88 countries. This Phishing-as-a-Service (PhaaS) platform leverages legitimate communication channels like Apple iMessage and Android RCS to bypass traditional SMS spam filters, significantly increasing delivery and success rates. Cybercriminals are using Lucid to harvest credit card details and personally identifiable information (PII) for financial fraud.

The platform employs social engineering tactics, including impersonating postal services, courier companies, and tax refund agencies. It offers credit card validation tools and can clone any brand's website to create phishing versions. Telecom providers face challenges in preventing these attacks due to the end-to-end encryption of iMessage and RCS. Cybersecurity experts recommend that users independently verify communications with trusted organizations through official channels to avoid falling victim to these scams.

ImgSrc: blogger.googleu

References :

• The Hacker News: Lucid PhaaS Hits 169 Targets in 88 Countries Using iMessage and RCS Smishing
• www.cysecurity.news: Lucid Faces Increasing Risks from Phishing-as-a-Service
• www.redhotcyber.com: Phishing come se non ci fosse un domani! Arriva Lucid PhaaS, la piattaforma cinese per truffe globali
• Blog: XinXin group offers new ‘dreamy’ PhaaS platform
• blog.knowbe4.com: A phishing-as-a-service (PhaaS) platform dubbed ‘Lucid’ is driving a surge in SMS (smishing) attacks, according to researchers at Prodaft.

Classification:

• HashTags: #Phishing #iMessage #RCS
• Company: Multiple
• Target: Telecom Users
• Attacker: Lucid PhaaS
• Product: Lucid
• Feature: smishing
• Malware: Lucid
• Type: Phishing
• Severity: HighRisk