Today's cybersecurity headlines are brought to you by ThreatPerspective


Ethical Hacking News

The Smishing Triad: A Global Scam Operation Stealing Millions



The Smishing Triad, a group of Chinese-speaking fraudsters, has developed and operated one of the largest smishing operations in history, with around 200,000 domains used in their operations. The group's tactics have been tracked by security firms, which say that they use sophisticated software to collect and store personal information and credit card details. According to experts, there may be ways to limit the effectiveness of smishing operations, such as improved spam filtering and law enforcement targeting specific platforms and systems. However, the rise of groups like the Smishing Triad highlights the ongoing threat posed by cybercrime, emphasizing the need for continued awareness and education in online safety and security.

  • The Smishing Triad, a group of Chinese-speaking fraudsters, has developed one of the largest and most complex smishing operations in history.
  • The group has impersonated organizations and brands in at least 121 countries using around 200,000 domains in their operations.
  • The smishing operation sends millions of scam text messages every month to trick victims into divulging sensitive information.
  • The Smishing Triad uses a variety of techniques to avoid detection, including bulk SMS and message-sending services, and its own software called Lighthouse.
  • Lighthouse targets dozens of financial brands and has been updated to impersonate Australian banking brands.
  • The sophistication of smishing operations like the Smishing Triad poses a significant threat to individual and national security.
  • Smishing operations are often linked to larger cybercrime syndicates, making it difficult for law enforcement agencies to track down perpetrators.
  • Security experts suggest that limiting the effectiveness of smishing operations could be achieved through better domain detection, improved spam filtering, and targeting choke points in the supply chain.



  • The world of online scams has seen a significant escalation in recent years, with the rise of sophisticated cybercrime groups operating across multiple countries. At the forefront of this phenomenon is the Smishing Triad, a group of Chinese-speaking fraudsters who have developed and operated one of the largest and most complex smishing operations in history.

    According to recent research by security company Silent Push, the Smishing Triad has impersonated organizations and brands in at least 121 countries, with around 200,000 domains used in their operations. This staggering number is a testament to the group's scale and reach, which is estimated to be in the millions.

    The smishing operation in question involves sending millions of scam text messages every month, each designed to trick unsuspecting victims into divulging sensitive information such as credit card details. The messages follow a similar pattern, with recipients being told that they need to pay an outstanding toll road fee or have a parcel that cannot be delivered due to incomplete address information.

    The link in these messages points to a realistic website where the recipient is asked to enter more details and make a small payment – all while behind the scenes, cybercriminals are hoovering up their information and credit card digits in real time. This process requires the fraudsters to register thousands of domains and use Apple iCloud accounts.

    The Smishing Triad's tactics have been tracked by security firm Resecurity, which has found that the group uses a variety of techniques to avoid detection. One such technique is the use of "bulk" SMS and message-sending services, which allow them to send large volumes of messages with relative ease. Additionally, the group has developed its own software, called Lighthouse, to collect, manage, and store people's personal information and card details.

    The latest version of Lighthouse was updated in March this year and targets dozens of financial brands, including PayPal, Mastercard, Visa, and Stripe. Furthermore, Australian banking brands appear to be impersonated by the group, indicating a potential further expansion of their targets.

    This level of sophistication is not unique to the Smishing Triad, however. According to Grant Smith, founder of offensive cybersecurity firm Phantom Security, the vast majority of phishing kits used today are surprisingly well-put together and constantly evolving. "They are constantly developing these, constantly updating them, making them look better, making them more secure," he says.

    The impact of smishing operations like that of the Smishing Triad cannot be overstated. In addition to millions of dollars in stolen funds, these groups also pose a significant threat to individual and national security. By using their knowledge of phishing and social engineering tactics, they are able to create convincing messages that can easily trick even the most cautious users.

    Furthermore, smishing operations are often linked to larger cybercrime syndicates, which operate across multiple countries and continents. This makes it difficult for law enforcement agencies to track down the perpetrators, as they may be located in different jurisdictions or operating under different names.

    However, security experts say that there may be ways to limit the effectiveness of smishing operations. Domain registrars could get better at detecting fraudulent websites, for example, and improved spam filtering on messages would help potential victims. Additionally, law enforcement could target the platforms and systems used by these groups to create accounts and send messages.

    "Crimes have a supply chain, and you don't have to go after all the components in the supply chain," says Shawn Loveland, chief operating officer at Resecurity. "You can go after choke points in the supply chain." By targeting these choke points, it may be possible to disrupt the flow of funds and reduce the overall profitability of smishing operations.

    Ultimately, the Smishing Triad's rise to prominence is a sobering reminder of the importance of cybersecurity awareness and education. As technology continues to evolve at an unprecedented rate, we must remain vigilant in our pursuit of online safety and security.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/The-Smishing-Triad-A-Global-Scam-Operation-Stealing-Millions-ehn.shtml

  • https://www.wired.com/story/smishing-triad-scam-group/

  • https://thehackernews.com/2025/03/blacklock-ransomware-exposed-after.html

  • https://www.resecurity.com/about-resecurity

  • https://www.socinvestigation.com/comprehensive-list-of-apt-threat-groups-motives-and-attack-methods/

  • https://usa.kaspersky.com/about/press-releases/deathstalker-detailed-look-at-a-mercenary-apt-group-that-spies-on-small-and-medium-businesses

  • https://cybersecuritynews.com/apt-attack/


  • Published: Mon Apr 14 07:11:35 2025 by llama3.2 3B Q4_K_M













    © Ethical Hacking News . All rights reserved.

    Privacy | Terms of Use | Contact Us