Urgent Action: FBI Warning Advises Smartphone Users to Immediately Delete Specific Messages
In a continuing surge of cybercrime, organized Chinese criminal gangs are running sophisticated phishing-as-a-service (PhaaS) schemes that target iPhone and Android users worldwide with text message scams, or "smishing." These operations use Telegram-based marketplaces to provide phishing kits, burner phones pre-loaded with stolen payment card credentials, and infrastructure to distribute malicious SMS at scale.
The scams often impersonate banks, brokerage firms, or service providers, pushing victims to fake websites or mobile wallet apps to steal credentials and one-time passcodes, enabling theft of payment cards, brokerage accounts, and financial assets. Notably, recent campaigns have seen a surge in DMV-themed messages, with states like Florida, Georgia, Virginia, and Iowa reporting a new wave of such texts.
Key elements of these operations include:
- Phishing-as-a-service platforms: Syndicates like one led by a figure known as “Lao Wang” set up Telegram channels as marketplaces, rapidly growing membership and shifting from simple text scams to creating fake e-commerce sites promoted on social media platforms for broader reach.
- Ghost-tapping and burner phones: Groups provide burner phones pre-loaded with stolen card data to multiple syndicates. These phones are sold on Telegram and enable widespread use of stolen payment credentials via digital wallets like Apple Pay and Google Wallet.
- Text message delivery via spoofed services: Scams are sent through Apple’s iMessage and the Rich Communication Services (RCS) on Android, spoofing legitimate entities to lure victims to phishing pages that harvest usernames, passwords, and authentication codes to bypass multi-factor authentication.
- Recruitment of mules: Chinese-speaking criminals recruit mules, sometimes traveling abroad, to purchase and resell luxury goods bought fraudulently, laundering stolen funds.
Measures being taken to counter this surge in text message scams include law enforcement coordination, telecommunications sector interventions, legal frameworks enabling rapid action, international diplomatic pressure, and technology and monitoring. Agencies like the Australian Federal Police, through the Joint Policing Cybercrime Coordination Centre (JPC3), collaborate internationally to disrupt payment redirection scams and prosecute money mules. Industry codes such as Australia’s Reducing Scam Calls and Scam SMS Industry Code have blocked hundreds of millions of scam messages.
Laws like Australia’s Cyber Resilience Framework (2023) and Surveillance Legislation Amendment (Identify and Disrupt) Bill (2020) allow authorities to quickly take down suspicious domains, crypto wallets, and websites associated with these scams. China, affected by these scams targeting its citizens, uses diplomatic influence to pressure neighboring countries to prosecute cyber scam operations, although geographic dispersal of operations complicates containment. Cybersecurity firms actively track and analyze phishing kit sellers and their Telegram channels to understand and disrupt their tactics.
Despite these efforts, the professionalization, scale, and use of sophisticated technologies by these Chinese criminal syndicates continue to pose significant challenges in stemming the wave of smishing-based text message scams targeting mobile users globally. The number of scam texts has not slowed down since the initial surge, and the effectiveness of these measures against evolving threats is unclear.
- Organized Chinese criminal gangs are utilizing sophisticated phishing-as-a-service (PhaaS) schemes, often impersonating banks, brokerage firms, or service providers, to steal financial credentials from iPhone and Android users worldwide.
- In an effort to combat these scams, industries and governments are collaborating to disrupt payment redirection scams, prosecute money mules, and take down suspicious domains associated with these operations.
- Notable laws like Australia's Cyber Resilience Framework (2023) and Surveillance Legislation Amendment (Identify and Disrupt) Bill (2020) provide authorities with the power to act quickly against these scams, but the geographic dispersal of operations complicates containment.
- With Chinese criminal syndicates professionalizing their tactics and using advanced technologies, the number of smishing-based text message scams targeting mobile users globally continues to be a significant challenge, and the effectiveness of current measures against evolving threats is unclear.