The iPhone, Android users “bombed” by the Chinese attack – do not ignore FBI warning

Stop sending texts, the FBI told the Americans in December as the Chinese hackers brought to the US networks. But the office warns that there is another text threat that now scans all over America “from state to state“And this is more likely to get you, stealing your money, maybe even your identity. And it is also made in China.

We’re talking about the “Smishing” texts that now target iPhone and Android phones throughout America with fake toll accounts. FBI tells users to delete all these texts immediately. And there are many of them. The scale of this is now “astronomical“With an expert in cyberspace indicating” it would be so worrying to know what is true, the real cost is “. It’s definitely beyond a scam, it’s an attack, he says, he says Tension.

In a new report, the working group against phishing (Apwg) Paints a gloomy image. “US residents are bombarded with text messages by Chinese Phishers, who claim to come from US toll agencies, including multinational Ezpass.” Do not reject this as fraud of fraud. The same package packages kits and other fake messages in the same sense of functions, only different texts and links. This can be tuned to any lure. It is an infrastructure attack on our phones, not a campaign.

And don’t reject it as a trick to steal a few dollars – this is not the point at all. “They are not interested in the seven dollars,” says Aidan Holland of Censys, “they want your credit card number.” THE Ftc He says it’s even worse, that your recognition could be stolen.

TowerNew Apple Password attack-don’t use this connectionWith Zak doffman

“The texts,” the FBI says, “claim that the recipient owes money for unpaid tolls and contains almost identical language.

The reason why the links are different is that the attackers are Entry tens of thousands of sectors mimic toll and cities and clicks. And the reason why all the texts seem similar is that they are made of “an upgraded phishing kit in China, which makes it simple to send text messages and start electronic fishing sites that violate multiple road operators”.

This is the essence of APWG warning, which points out that “the phone numbers that phishers send the messages are usually accidental – sometimes sent to people who do not use toll roads or target users in the wrong situation.

But top -level areas are almost always Chinese, which is “a way to locate these fraud messages”. Look for “less well -known top -level areas such as .top, .cyou and .xin”. Its sector.

This is where it becomes interesting. APWG says that “the .top register has long -term compliance problems. ICANN issued a letter of breach to the Top Register in July 2024, stating that the failures of the Top to comply with the reference and mitigation requirements of March 2025 are still presenting the case of 2025. Icann ”.

It should be quite easy to stop, right? Certainly the networks or telephone manufacturers can block the texts with these links or provide new measures against Scam to stop ringing phones. Wrong. SMS and now RCs are open protocols and while spam measures are supposed to do not work. This should be easy – it’s not clear.

TowerFree Microsoft windows upgrade – don’t wait until it’s too late “With Zak doffman

Trend Micro has an entire section on its website dedicated to toll scam. The company’s Jon Clay said Cnbc This week that “Apple does nothing about it … Android will add it to the list of unwanted messages so you don’t get texts from the same number, but then the scammers will only change the numbers.

APWG reports that recipients of such fraud texts – of which there are now hundreds of thousands now – can “contribute to informing notice/exclusion mechanisms that protect billions of devices and software customers worldwide” by reporting these IC3.GOVs to FBI or APWG.org.org.

In the meantime, the FBI says “Check your account using the legal website of the toll service. Contact the Toll Service Customer Service Number, [and] Delete any texts received by the texts. “If you click on the link and provide information, check your accounts and change your key passwords, even if you have not made payment.