The FBI has has issued a national warning About a new wave of “SMISH” attacks spreading to the United States.
SMISHS SMISHS Texts Fraudulent messages are sent via SMS (Short message service) or text messaging with the intention of encouraging recipients to reveal personal information, such as passwords, credit card details or other sensitive data.
The term “smirshing” is a combination of “SMS” and “phishing”, referring to misleading tactics used to Manipulate individuals to provide confidential information.
Cybercriminals have registered more than 10,000 areas to feed these scamsWho target iPhone and Android users with fraudulent text messages designed to steal personal and financial information.
Authorities urge for recipients to immediately delete all suspicious messages.
A new Report of the Cybersecurity Company Palo Alto Networks’s Unit 42The research division of the company specializing in information on threats and the response to incidents, reveals that these scams attract victims to provide sensitive data, including details of credit cards and the bank account.
Initially focused on fraudulent toll payment notifications, the campaign has extended to include false delivery service alerts, encouraging users to click on malicious ties.
For months, state and local authorities have made alarms on the toll scam, which wrongly claims that the beneficiaries owe unpaid toll costs.
The Federal Trade Commission (FTC) warns that clicking on these links is not only risking financial flight, but also exposes the victims to identity fraud.
The fraudulent messages follow a common scheme: they claim that a unpaid bill requires immediate action to avoid penalties.
The text includes a link that directs users to a payment portal – this is where the vast network of crooks of the crooks comes into play.
Since Imessage d’Apple blocks suspicious links, crooks now allow users to copy and stick the URL in their web browser, which makes detection more difficult.
Cybersecurity experts believe that the scam works as a franchise model, taking advantage of the Chinese cybercriminal group tool kits.
Unit 42 has identified many malicious areas, many of which are using the higher level of China (TLD), including:
- DHL.com-New[.]Xin
- Fedex.com-fedexl[.]Xin
- Ezdrive.com-2h98[.]Xin
- e-zpassny.com–Tickketd[.]Xin
- Sunpass.com-ticketap[.]Xin
- Thetollroads.com-fastrakeu[.]Xin
The FTC advises that legitimate American toll services and delivery companies would never redirect users to foreign areas.
A report of McAfee of the Cybersecurity Company highlights the cities most affected by these scams.
Dallas, Atlanta, Los Angeles, Chicago and Orlando are among the first five – with other highly targeted areas, including Miami, Houston, Denver, Phoenix and Seattle.
The authorities have noted four times more of these scams since January.
The danger of these scams was Underlined by the Attorney General of Louisiana Liz Murrillwho revealed that she was herself targeted.
“I also received this text. It is a scam. If you receive a text that seems suspicious, make sure you never click on it. You don’t want your private information to be stolen by crooks, ”she warned.
Certain variations in the scam have introduced additional misleading tactics.
A Investigation of local news in Detroit noted that when the victims tried to make a payment, they received an error message claiming that their card had been refused.
This tip encourages them to enter several details of the card, giving crooks access to more financial information.
The FBI urges the public to follow these steps if they receive a suspicious text:
- File a complaint with the center of internet crime complaints (IC3) in http://www.ic3.govProviding details on the phone number and the website listed in the text.
- Visit the website of the legitimate toll service or contact your customer service to check the current payments.
- Immediately delete all SMIRS messages.
- If personal or financial details have been compromised, take immediate measures to secure your accounts and challenge unauthorized transactions.
Likewise, the FTC advises:
- Avoid clicking on links or responding to unexpected texts.
- Check the messages by contacting the relevant toll agency via the official channels.
- Report and delete scam texts, using the “unwanted report” function on smartphones or by transmitting them to 7726 (SPAM).
Cybersecurity company Zimperium has warned that cybercriminals are increasingly adopting a “first mobile attack strategy” due to user vulnerability on small screen devices.
The convenience of smartphones makes people more likely to click on text messages than emails, which increases the risk of falling for such scams.
With evolving smorating scams and spreading at an alarming rate, the authorities continue to focus on vigilance.
The public is encouraged to remain cautious and to avoid interacting with unsolicited messages, ensuring that their personal and financial information remains protected.
