Phishing scams have taken a new turn as Chinese operatives exploit popular mobile messaging protocols, including Apple’s iMessage and Google’s Rich Communication Services (RCS). These platforms, which are known for their end-to-end encryption and ability to send high-quality media, have now become the canvas for sophisticated phishing attempts aimed at unsuspecting victims.
According to cybersecurity research by Prodaft, a phishing-as-a-service platform called Lucid has been linked to successful campaigns that reportedly achieve a success rate of approximately 5%. This alarming statistic highlights the effectiveness of the phishing exploits that are largely bypassing typical security measures due to the advanced technology associated with these messaging systems.
Lucid campaigns have been reported to impersonate a myriad of organizations, affecting 169 entities across 88 countries, including major postal services like Australia Post and Royal Mail, as well as various courier services and financial institutions. Victims often receive phishing messages disguised as warnings about unpaid tolls or necessary tax payments, guiding them to fraudulent landing pages that ask for sensitive information.
The Lucid platform enables attackers to design highly targeted phishing campaigns tailored to specific brands, devices, and geographic regions. The use of time-limited, single-use URLs adds an additional layer of evasion from detection. Lucid allows multiple attackers to coordinate these campaigns through role-based access controls, significantly increasing the scale and success of their operations. With mobile farms capable of sending messages en masse, phishing campaigns have reached unprecedented levels of sophistication and effectiveness.