Amid rise in cyberattacks in US states on iPhone and Android, know what is smishing and why the FBI is alarmed

The FBI is urging smartphone users, on iPhone as well as Android, across the US to practise caution against a growing cyber threat, wherein fraudsters seek to use malicious text messages in an attempt to lure unsuspecting citizens and steal their personal and financial information, multiple news reports say. The agency has reportedly advised users to delete any such text messages from their devices. The scale of the scam continues to expand throughout the US, moving "from state to state", as per a purported nationwide warning issued by the FBI.

Smishing attacks targeting iPhone, Android users

Called "smishing", the fraudulent scheme is being used to target iPhone and Android users, according to media reports. In a report by cybersecurity firm Palo Alto Networks, the company's Unit 42, which specialises in threat intelligence and incident response, has revealed that a particular threat actor has registered "over 10,000 domains" to carry out various smishing scams.

Also Read : Atlanta Falcons sign two-year contract with cornerback Mike Ford: Report

Toll payment and delivery service alerts weaponised

Smishing earlier used to target smartphone users using fraudulent toll payment notifications. However, scamsters have lately begun using fake delivery service alerts to deceive users into clicking malicious links. In its report, Unit 42 noted that the structure of the root domains used in the latest wave of smishing attacks consist of a root domain beginning with "com-" placed next to a subdomain. This, the report suggests, might make it difficult for the untrained eye to detect. Unit 42 identified a list of a dozen malicious domains, all of which used China’s .XIN top-level domain (TLD). These domains are:

- dhl.com-new[.]xin

- driveks.com-jds[.]xin

- ezdrive.com-2h98[.]xin

- ezdrivema.com-citations-etc[.]xin

- ezdrivema.com-securetta[.]xin

- e-zpassiag.com-courtfees[.]xin

- e-zpassny.com-ticketd[.]xin

- fedex.com-fedexl[.]xin

- getipass.com-tickeuz[.]xin

- sunpass.com-ticketap[.]xin

- thetollroads.com-fastrakeu[.]xin

- usps.com-tracking-helpsomg[.]xin

Template used in smishing attacks

A common template for messages used in smishing attacks asks smartphone users to visit a fraudulent website link in order to settle outstanding toll payments. These messages are designed to appear as if they are coming from a legitimate state toll service provider. "...the link provided within the text is created to impersonate the state's toll service name, and phone numbers appear to change between states," FBI said in a statement cited by Newsweek.

What the FBI and FTC advise

The FBI advises the public to file a complaint with its Internet Crime Complaint Center (IC3) in the event they receive a suspicious text message. Both the FBI and the FTC urge citizens to verify any outstanding payments through official channels, including the relevant toll service's website or its customer service.

Also Read : Global trade tensions escalate as EU and Canada impose retaliatory tariffs on US goods: Here’s what it means

FAQs

What is smishing?
Smishing is a scam that seeks to employ malicious text messages to lure unsuspecting citizens in order to steal their personal and financial information.

What is the latest strategy used by fraudsters behind smishing?
Smishing scamsters have now taken to using fake delivery service alerts to deceive users into clicking malicious links. Earlier, the scheme used to target users with the help of fraudulent toll payment notifications.