New Smishing Threats: Stay Alert to Protect Your Finances and Identity
As the landscape of cybercrime evolves, so do the methods scammers use to exploit unsuspecting victims. One tactic on the rise is 'smishing', a deceptive practice in which victims receive fraudulent text messages designed to trick them into divulging sensitive financial information. Recent reports suggest that a new wave of smishing attacks is imminent, with scammers posing as toll services and delivery companies to pressure victims into revealing their data. It’s crucial to stay informed and vigilant against these attacks to safeguard your personal and financial information.
Last month, the FBI released a warning regarding a serious smishing scam. Victims received fraudulent messages claiming they owed money for unpaid road tolls. In these situations, scammers create a false sense of urgency, threatening victims with additional fines if they do not act quickly to settle supposed debts. The links provided often lead to phishing pages that request sensitive banking details or credit card numbers.
Having recently received multiple similar messages, I deleted them immediately. It’s vital to remember that providing such information to scammers can grant them access to your bank accounts or other financial resources, and can even lead to identity theft since they often request personal data like your Driver's License number.
Heightened Risks: Thousands of Domains Registered for New Attacks
The FBI's alert has been supported by a new report from Palo Alto Networks' Unit 42, which indicates that malicious actors have registered over 10,000 new domain names targeting unsuspecting victims. The messages that use these domains aim to trick recipients into providing private and financial information, including details related to credit and debit cards as well as bank accounts.
A threat actor leveraging the same naming pattern has registered 10K+ domains for various #smishing scams. They pose as toll services for US states and package delivery services. Root domain names start with "com-" as a way to trick victims. More info at link pic.twitter.com/7CBkvwYWxo
The initial waves of attack focused on bogus texts about non-existent unpaid road tolls, sent in the name of state-specific toll agencies. Now new threats are on the rise that employ similar tactics but are tied to package delivery services, pushing victims to make unwarranted payments under false pretenses. The ultimate goal remains the same: to illicitly gather credit card and banking information along with personal identifiers.
These new scams have been detected across 10 U.S. states and one Canadian province, affecting locations such as California, Florida, Illinois, and New York, among others.
Be Cautious of These Domain Names
It is important to note that smishing messages can come from spoofed email addresses or phone numbers. In the case of iMessage, scammers may instruct you to reply with "Y" before they send you links to malicious sites. Here are some domain names currently being used in these scams:
Stay vigilant with your messages. Delete any texts that reference these domain names without hesitation.
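The "com-" naming pattern described above can be checked mechanically: the brand and ".com" are only subdomain labels, while the domain that was actually registered begins with "com-". The Python sketch below is an added example, not code from the FBI, Unit 42 or this article; the function names, sample messages and `.example` domains are constructed for illustration, and it assumes a single-label TLD rather than a Public Suffix List lookup.

```python
import re

# Matches a hostname, optionally preceded by a scheme; accepts "[.]" defanging.
HOST_RE = re.compile(r"(?:https?://)?((?:[a-z0-9-]+(?:\[\.\]|\.))+[a-z]{2,})", re.I)

def hosts_in(text):
    """Return hostnames found in a message, with [.] defanging undone."""
    return [m.group(1).replace("[.]", ".").lower() for m in HOST_RE.finditer(text)]

def com_dash_lookalike(host):
    """Describe the 'com-' trick if the host uses it, otherwise return None."""
    labels = host.strip(".").split(".")
    if len(labels) < 3:
        return None  # no impersonated name in front of the registered domain
    # Assumption: the last label is the whole public suffix (true for .xin).
    registered, tld = labels[-2], labels[-1]
    if not registered.startswith("com-"):
        return None
    return {
        "host": host,
        # What a reader skimming left to right believes they are visiting.
        "appears_to_be": ".".join(labels[:-2]) + ".com",
        # What was actually registered and controls the page.
        "registered_domain": registered + "." + tld,
    }

def scan_message(text):
    """Return one finding per 'com-' lookalike host in the message text."""
    return [hit for h in hosts_in(text) if (hit := com_dash_lookalike(h))]

# Constructed sample texts (not real messages); domains use the reserved
# .example TLD and example.com so they point at nothing real.
SAMPLES = [
    "Unpaid toll notice. Pay now to avoid a late fee: "
    "https://example-toll.com-billing[.]example/pay",
    "Your parcel is on its way. Track it at https://www.example.com/track",
]

if __name__ == "__main__":
    for msg in SAMPLES:
        print(scan_message(msg) or "no com- lookalike found")
```

A message filter or mail gateway rule can use the `registered_domain` field for blocking, since that is the value that stays constant across the many brand names placed in front of it.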