Chinese fraudsters part of the RedZei operation, also known as RedThief, have been targeting U.K.-based Chinese international students for more than a year, The Hacker News reports.
SIMs from different mobile carriers including Tesco Mobile, Three, EE, O2, and Telia are being used by attackers alternately in compromising their targets, according to cybersecurity researcher Will Thomas.
Attackers have been calling targets using a unique U.K. phone number once or twice a month and leave atypical automated voicemail messages spoofing China Mobile, Bank of China, and the Chinese embassy in a bid to lure targets into providing their personal data, said Thomas.
"Other themes exploited by RedZei include the 'abnormal usage of your [National Health Service] number' and international parcels being delivered from DHL, which are both common concerns for Chinese students studying in the UK," said Thomas.
RedZei was initially reported by The Guardian in August 2019 to have lured Chinese students into paying large amounts of money in a bid to avert deportation.