The FBI has it A nationwide warning has been issued About the new wave of “smishing” attacks spreading across the United States.
Smithing Text It's a fraudulent message sent via SMS (Short messaging service) or text messaging to trick recipients into revealing personal information such as passwords, credit card details, and other sensitive data.
The term “Smishing” is a combination of “SMS” and “phishing”; Manipulate individuals to provide confidential information.
Cybercriminals are registered Over 10,000 domains to promote these fraudstargets iPhone and Android users using fraudulent text messages designed to steal personal and financial information.
Authorities urge recipients to immediately delete suspicious messages.
new Report 42 from the unit of cybersecurity company Palo Alto Networksthe company's research division, which specializes in threat intelligence and incident response, has revealed that these scams will direct victims to provide sensitive data, including credit card and bank account details.
Initially, campaigns focusing on fraudulent toll payment notifications have been expanded to include fake delivery service alerts, which will allow users to click malicious links.
For months, states and local governments have been warnings about toll fraud.
The Federal Trade Commission (FTC) warns that not only clicking on these links, but also risking financial theft, it also exposes victims to personal information fraud.
Fraudulent messages follow a common pattern. They argue that unpaid bills require immediate action to avoid penalties.
The text contains a link that directs users to the payment portal. This is where the vast network of scammers' domains comes out.
Apple's iMessage blocks suspicious links, so scammers tell users to copy and paste URLs into a web browser, making detection even more difficult.
Cybersecurity experts believe that fraud acts as a franchise model and leverages the toolkits of Chinese cybercrime groups.
Unit 42 has identified many malicious domains. Many use China's .xin top-level domain (TLD).
- dhl.com-new[.]xin
- FedEx.com-fedex[.]xin
- ezdrive.com-2H98[.]xin
- e-zpassny.com-ticketd[.]xin
- sunpass.com-ticketap[.]xin
- thetollroads.com-fastrateu[.]xin
The FTC advises that legal US fee services and delivery companies will never redirect users to foreign domains.
Report from Cybersecurity company McAfee It highlights the cities that are most affected by these scams.
Dallas, Atlanta, Los Angeles, Chicago and Orlando have other heavily targeted areas, including Miami, Houston, Denver, Phoenix and Seattle.
Officials have noted that these scams have risen four times since January.
There was a risk of these frauds Louisiana Attorney General Liz Maryll highlightedrevealed that she was targeted herself.
“I also received this text. It's a scam. If you receive a text that appears suspicious, be sure to click on it. You don't want your personal information to be stolen by a scammer,” she warned.
Several variations of the scam introduced additional deceptive tactics.
a Detroit local news survey When the victim attempted to pay, it was discovered that they received an error message claiming that their card had been rejected.
This trick encourages them to enter multiple card details, allowing scammers to access more financial information.
The FBI urges the public to follow these steps if they receive suspicious texts.
- File a complaint with the Internet Crime Complaint Center (IC3) http://www.ic3.govprovides details about the phone numbers and websites listed in the text.
- Visit the legitimate toll service website or contact customer service to confirm any outstanding payments.
- Smithing messages will be deleted immediately.
- If your personal or financial details are infringed, we will take immediate action to secure your account and challenge any unauthorized transactions.
Similarly, the FTC advises.
- Do not click on a link or respond to unexpected text.
- Contact relevant traffic through official channels to confirm your message.
- Report and delete fraudulent texts that you use the “Report Junk” feature on your smartphone or forward to 7726 (Spam).
Cybersecurity company Zimperium warns that cybercriminals are increasingly adopting “mobile-first attack strategies” due to vulnerabilities in users on small screen devices.
The convenience of smartphones makes people more likely to click on text messages than emails, increasing the risk of falling into such a scam.
As Smithing Scams evolve and spread at an incredible rate, authorities continue to emphasize vigilance.
The public is encouraged to be cautious, avoid interacting with unsolicited messages and to ensure that your personal and financial information remains protected.
