Cybercriminals have registered more than 10,000 domains for various smishing scams, according to a recent report from the threat intelligence arm at cybersecurity firm Palo Alto Networks.
Smishing scams, whose name is a combination of “SMS” and “phishing,” target victims with text messages that seek to convince them to click a malicious link or provide sensitive information.
The domains identified by Palo Alto Networks’ Unit 42 have names indicating they aim to pose as toll services and package delivery services in at least 10 U.S. states and one Canadian province.
This includes California, Florida, Illinois, Kansas, Massachusetts, Pennsylvania, New Jersey, New York, Texas, Virginia and Ontario.
“We will continue to track and block this campaign,” Unit 42 wrote.
Amid an uptick in toll-related smishing texts last year, the FBI warned Americans to delete such messages.
“The texts claim the recipient owes money for unpaid tolls and contain almost identical language,” the FBI’s Internet Crime Complaint Center (IC3) noted in a public service announcement last April.
“The ‘outstanding toll amount’ is similar among the complaints reported to the IC3,” it added. “The link provided within the text is created to impersonate the state’s toll service name, and phone numbers appear to change between states.”
