Massive Registration of Suspicious Domains

Recent findings from cybersecurity firm Palo Alto Networks’ Unit 42 have uncovered a staggering registration of more than 10,000 domains linked to potential smishing activities. These domains typically masquerade as toll and package delivery services, targeting residents in various U.S. states, including Virginia, California, Florida, Illinois, Kansas, Massachusetts, Pennsylvania, New Jersey, New York, and Texas, as well as in Ontario, Canada.

This scheme is aimed at tricking individuals into revealing sensitive personal and financial data, such as credit card and banking details.

New Techniques Targeting iPhone Users

In a novel approach, the scammers are focusing on Apple iPhone users by taking advantage of a security feature that prevents unknown senders’ messages from displaying links. The deceptive texts instruct users to respond with a ‘Y’ to enable link visibility in iMessages. This technique could potentially expose users to further risks by encouraging engagement with the smishing messages.

FBI’s Advice on Handling Suspicious Messages

The FBI continues to advise anyone who receives text messages claiming unpaid tolls or other suspicious communications to promptly delete those texts. It is crucial for the public to remain vigilant and cautious regarding unsolicited messages.

For those who receive such messages, complaints can be filed online with the Internet Crime Complaint Center (IC3) at www.ic3.gov.