A phishing campaign targeting residents in Saudi Arabia impersonates Saudi Post (SPL) via SMS to steal personal information and credit card data through a fake “address correction” page. The attack uses realistic clones of the official SPL portal to harvest credentials and intercept one-time passwords (OTPs) for fraudulent transactions. These phishing cases highlight attackers’ use …