Tag: smishing
-
Smishing Triad Linked to 194,000 Malicious Domains in Global Phishing Operation
The threat actors behind a large-scale, ongoing smishing campaign have been attributed to more than 194,000 malicious domains since January 1, 2024, targeting a broad range of services across the world, according to new findings from Palo Alto Networks Unit 42.”Although these domains are registered through a Hong Kong-based registrar and use Chinese nameservers, the…
-
‘Jingle Thief’ Hackers Exploit Cloud Infrastructure to Steal Millions in Gift Cards
Tags: cloud, credentials, cybercrime, cybersecurity, exploit, group, hacker, infrastructure, network, phishing, service, smishingCybersecurity researchers have shed light on a cybercriminal group called Jingle Thief that has been observed targeting cloud environments associated with organizations in the retail and consumer services sectors for gift card fraud.”Jingle Thief attackers use phishing and smishing to steal credentials, to compromise organizations that issue gift cards,” Palo Alto Networks Unit 42 researchers…
-
Arsen Launches Smishing Simulation to Help Companies Defend Against Mobile Phishing Threats
Paris, France, 24th October 2025, CyberNewsWire First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/arsen-launches-smishing-simulation-to-help-companies-defend-against-mobile-phishing-threats/
-
Arsen Launches Smishing Simulation to Help Companies Defend Against Mobile Phishing Threats
Paris, France, 24th October 2025, CyberNewsWire First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/arsen-launches-smishing-simulation-to-help-companies-defend-against-mobile-phishing-threats/
-
Arsen Launches Smishing Simulation to Help Companies Defend Against Mobile Phishing Threats
Paris, France, 24th October 2025, CyberNewsWire First seen on hackread.com Jump to article: hackread.com/arsen-launches-smishing-simulation-to-help-companies-defend-against-mobile-phishing-threats/
-
Arsen Launches Smishing Simulation to Help Companies Defend Against Mobile Phishing Threats
Paris, France, 24th October 2025, CyberNewsWire First seen on hackread.com Jump to article: hackread.com/arsen-launches-smishing-simulation-to-help-companies-defend-against-mobile-phishing-threats/
-
AI browsers can be abused by malicious AI sidebar extensions: Report
‘Dumpster fires’: David Shipley, head of Canadian employee security awareness training firm Beauceron Security, agrees.”I think if CISOs are bored and want to spice up their lives with an incident, they should roll out these AI-powered hot messes to their users,” he said .”But, if they’re like most CISOs and they have lots of problems,…
-
Tired of Unpaid Toll Texts? Blame the ‘Smishing Triad’
Chinese smishers, the bane of every American with a phone, have been shifting to lower-frequency, possibly higher-impact government impersonation attacks. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/unpaid-toll-texts-smishing-triad
-
Global SMS Phishing Campaign Traced to China Targets Users Worldwide
A sophisticated and widespread smishing campaign originating from China has emerged as a significant threat to users worldwide. Researchers have attributed the ongoing attack to a group known as the Smishing Triad, which has demonstrated unprecedented scale and complexity through a decentralized infrastructure capable of registering and churning thousands of malicious domains daily. Since January…
-
Researchers track surge in high-level Smishing Triad activity
The China-linked operation has grown from a phishing kit marketplace into an active and growing community supporting a decentralized large-scale phishing ecosystem. First seen on cyberscoop.com Jump to article: cyberscoop.com/unit-42-chinese-language-phishing-operation-smishing-triad/
-
Researchers track surge in high-level Smishing Triad activity
The China-linked operation has grown from a phishing kit marketplace into an active and growing community supporting a decentralized large-scale phishing ecosystem. First seen on cyberscoop.com Jump to article: cyberscoop.com/unit-42-chinese-language-phishing-operation-smishing-triad/
-
“Jingle Thief” Hackers Exploit Cloud Infrastructure to Steal Millions in Gift Cards
Tags: cloud, credentials, cybercrime, cybersecurity, exploit, group, hacker, infrastructure, network, phishing, service, smishingCybersecurity researchers have shed light on a cybercriminal group called Jingle Thief that has been observed targeting cloud environments associated with organizations in the retail and consumer services sectors for gift card fraud.”Jingle Thief attackers use phishing and smishing to steal credentials, to compromise organizations that issue gift cards,” Palo Alto Networks Unit 42 researchers…
-
Verizon: Mobile Blindspot Leads to Needless Data Breaches
People habitually ignore cybersecurity on their phones. Instead of compensating for that, organizations are falling into the very same trap, even though available security options could cut smishing success and breaches in half. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/verizon-mobile-blindspot-data-breaches
-
ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More
The online world is changing fast. Every week, new scams, hacks, and tricks show how easy it’s become to turn everyday technology into a weapon. Tools made to help us work, connect, and stay safe are now being used to steal, spy, and deceive.Hackers don’t always break systems anymore, they use them. They hide inside…
-
ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More
The online world is changing fast. Every week, new scams, hacks, and tricks show how easy it’s become to turn everyday technology into a weapon. Tools made to help us work, connect, and stay safe are now being used to steal, spy, and deceive.Hackers don’t always break systems anymore, they use them. They hide inside…
-
Fake ‘Inflation Refund’ texts target New Yorkers in new scam
An ongoing smishing campaign is targeting New Yorkers with text messages posing as the Department of Taxation and Finance, claiming to offer “Inflation Refunds” in an attempt to steal victims’ personal and financial data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fake-inflation-refund-texts-target-new-yorkers-in-new-scam/
-
Threat Actors Imitate Popular Brands in New Malware Distribution Campaigns
In a sophisticated resurgence of smishing campaigns, cybercriminals have begun embedding trusted brand names into deceptive URLs and group messaging threads to lure unsuspecting users into downloading malware. By inserting a familiar company name before the “@” symbol in links, attackers exploit users’ trust in established entities such as FedEx and Microsoft. Coupled with deceptively…
-
Threat Actors Imitate Popular Brands in New Malware Distribution Campaigns
In a sophisticated resurgence of smishing campaigns, cybercriminals have begun embedding trusted brand names into deceptive URLs and group messaging threads to lure unsuspecting users into downloading malware. By inserting a familiar company name before the “@” symbol in links, attackers exploit users’ trust in established entities such as FedEx and Microsoft. Coupled with deceptively…
-
Silent Smishing: Abuse of Cellular Router APIs in Phishing Campaigns
Attackers exploit vulnerable cellular routers to send large-scale smishing messages that bypass traditional defenses. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/silent-smishing-abuse-of-cellular-router-apis-in-phishing-campaigns/
-
Smishing Campaigns Exploit Cellular Routers to Target Belgium
New smishing attacks exploit Milesight routers to send phishing texts targeting Belgian users First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/smishing-exploit-cellular-routers/
-
Hackers Use Cellular Router API to Send Malicious SMS with Weaponized Links
The monitoring and analysis of vulnerability exploitations are among the primary responsibilities of Sekoia.io’s Threat Detection & Research (TDR) team. Using honeypots, the team monitors traffic targeting edge devices and internet-facing applications. On 22 July 2025, suspicious network traces appeared in our honeypots, reveals that a cellular router’s API was exploited to deliver smishing campaigns…
-
When ‘Oprah’ Smished Me: Smishing and AI-Driven Phishing Risks
An “Oprah” smishing scam shows how AI makes phishing smarter. Learn how to spot, stop, and protect yourself from evolving mobile threats. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/smished-by-oprah/
-
When ‘Oprah’ Smished Me: Smishing and AI-Driven Phishing Risks
An “Oprah” smishing scam shows how AI makes phishing smarter. Learn how to spot, stop, and protect yourself from evolving mobile threats. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/smished-by-oprah/
-
SMS Pools and what the US Secret Service Really Found Around New York
Tags: apple, authentication, business, china, conference, control, country, credit-card, crime, crypto, data, email, exploit, finance, fraud, google, group, Hardware, infrastructure, iphone, jobs, korea, law, linux, mfa, mobile, phishing, phone, scam, service, smishing, software, theft, usa, windowsLast week the United Nations General Assembly kicked off in New York City. On the first day, a strange US Secret Service press conference revealed that they had seized 300 SIM Servers with 100,000 SIM cards. Various media outlets jumped on the idea that this was some state-sponsored sleeper cell waiting to destroy telecommunication services…
-
Smishing, Vishing, Whaling: Diese 9 Phishing-Fallen solltet ihr kennen
First seen on t3n.de Jump to article: t3n.de/news/smishing-vishing-whaling-diese-9-phishing-fallen-solltet-ihr-kennen-1679869/
-
TDL003 – Breaking Barriers: IPv6 Adoption and DNS Transformation with Tommy Jensen
Tags: access, ai, apple, attack, backup, banking, browser, business, ceo, chrome, ciso, compliance, computer, computing, control, country, credentials, cybersecurity, data, data-breach, ddos, dns, encryption, endpoint, google, government, group, international, Internet, jobs, law, microsoft, mobile, network, phishing, phone, privacy, programming, radius, risk, service, smishing, strategy, switch, technology, threat, update, vpn, windows, zero-trustSummary This episode of the Defender’s Log features special guest Tommy Jensen, an internet technologist specializing in IPv6, Zero Trust, and standards. Jensen’s career path, from an AppleCare contractor to a key figure in advancing internet technologies, is explored. The discussion highlights the critical importance and challenges of migrating to IPv6 and the necessity of…