Threat Research

We’ve identified an SMS phishing (smishing) campaign posing as the California Franchise Tax Board. The fraudulent websites use domain names that combine terms like “FTB,” “CA,” and “gov” to deceive users. These sites falsely promise tax refunds, but their true purpose is to harvest sensitive personal information, including Social Security numbers, addresses, and payment details...

Our team discovered an Android malware, “SikkahBot,” active since July 2024, targeting students in Bangladesh. Disguised as apps from the Bangladesh Education Board, it lures users with fake scholarships to steal sensitive data....

Since mid-October 2024, ongoing smishing campaigns have impersonated U.S. toll road payment services like E-ZPass in an effort to commit financial fraud....

Cybercriminals in the UAE are impersonating Dubai Police to defraud consumers, using social engineering tactics such as smishing, phishing, and vishing. Victims are tricked into paying non-existent fines, including traffic tickets and license renewals, via fraudulent phone calls....

A threat actor has registered over 10,000 domains with the "com-" prefix for SMS phishing (smishing) scams. These domains impersonate toll and package delivery services across 10 U.S. states (CA, FL, IL, KS, MA, PA, NJ, NY, TX, VA) and Ontario, Canada....

Since late last year, we’ve tracked phishing campaigns mimicking postal services globally. Each day, we encounter numerous newly-registered domains and over 200 hits on malicious sites posing as postal services. These campaigns frequently use SMS ("smishing") to distribute phishing URLs....