Smishing Triad expands phishing campaign with global domain churn.

A decentralized smishing campaign has used over 194,000 domains since January 2024 to impersonate services ranging from toll agencies to banks and social media platforms. Palo Alto Networks attributes the attacks to a Chinese-speaking group called Smishing Triad, which targets users worldwide through urgent, personalized SMS messages. The campaign relies on short-lived domains and a phishing-as-a-service model involving multiple specialized roles. Most victims are in the U.S., but attacks have reached dozens of countries across Europe, Asia, and the Americas.

Read more:

https://www.securityweek.com/massive-china-linked-smishing-campaign-leveraged-194000-domains/