China-based SMS phishing groups, known as the "Smishing Triad," are increasingly targeting customers of international financial institutions by converting stolen payment card data into mobile wallets. Utilizing innovative phishing techniques and a vast cybercrime infrastructure, these groups are bypassing traditional SMS methods by sending messages through iMessage and RCS, achieving high delivery rates and expanding their operations globally. Experts emphasize the need for financial institutions to adopt more secure methods for verifying card enrollments to combat this rising threat.

Scammers are exploiting unsecured cellular routers from Milesight IoT to launch SMS phishing campaigns, known as smishing, that have been active since October 2023. Researchers found over 18,000 routers exposed online, with many allowing unauthorized access and running outdated firmware, making them an effective tool for decentralized phishing efforts targeting users in multiple countries.

A significant smishing campaign attributed to a Chinese-speaking threat actor, known as the Smishing Triad, has exploited over 194,000 domains to gather sensitive information, including Social Security numbers. The campaign impersonates various services, targeting users worldwide, and employs a decentralized approach to evade detection.

Silent smishing exploits vulnerable cellular router APIs to conduct phishing attacks via SMS, allowing attackers to access sensitive information without authentication. The article discusses various attack methods, including the impersonation of legitimate organizations, and emphasizes the need for vigilance against such threats.