Phishing Campaign Impersonates National Insurance, Steals Sensitive Data

A new phishing campaign is targeting individuals by impersonating Israel’s National Insurance Institute. According to ‘חדשות סייבר - ארז דסה’, the campaign distributes malicious links via SMS messages. Upon clicking the link, users are directed to a fake website designed to harvest a wide range of personal and financial information. This includes credit card details, ID and passport issuance dates, bank account information, and details about recent travel abroad.

To enhance the credibility of the scam, the fake website redirects users to the official National Insurance Institute website at the conclusion of the phishing process. ‘חדשות סייבר - ארז דסה’ also noted that attackers appear to possess a database of Israeli citizens’ identification numbers and names. During the phishing interaction, the scammer uses the victim’s name after they input their ID number, suggesting a level of prior data compromise.

One indicator for the malicious site provided by the source is: https[:]//m3ynrlpb[.]pages[.]dev. This operation highlights a sophisticated approach to social engineering, leveraging impersonation and seemingly legitimate redirection to trick victims into divulging critical personal data.