The Smishing Triad, a cybercriminal group based in China, has emerged as a significant threat due to its global-scale smishing campaign and its notorious involvement in numerous cybercrimes in the past.
This dangerous smishing group is now targeting citizens in the US and UK as part of its ongoing cybercrime campaigns.
Step-by-Step: How the Smishing Triad Executes Its Scams:
-They send fraudulent text messages claiming unpaid toll bills or payment requests related to toll services such as FasTrak, E-ZPass , I-Pass.
-These threat actors impersonate to the extent that it is pretty impossible recognize them. How do they do that? They spoof the legitimate sender’s ID to make it appear exactly like the genuine one.
-They also take advantage of messaging applications such as SMS, iMessage, and other instant messaging services that lack adequate security measures, using them to deliver phishing messages to their targets.
-Victims usually have more faith on these application than email. These messages are crafted in such a way to create a sense of urgency or fear, which can prompt the victim to click on the link in an attempt to quickly resolve the issue.
-In the message, they demand payment for allegedly unpaid tolls. Upon clicking the link, it prompts the user to enter personal details, which are then exploited or sold on the dark web.
-These criminals also use underground bulk messaging services to send IMs in order to target millions of users.
How to be safe:
- If you receive a message that seems to be from any service provider, contact them via their official number
- Also make sure their notification is legitimate, no matter how genuine the message may seem.
- Do not click on any link provided by these messages.
- Use built-in Spam filters and message blocking to minimize smishing attempts.
- Immediately report any suspicious messages to law enforcement and the relevant service providers.
Above steps can significantly protect you from being a victim of smishing attack and your personal information.
