Here is a rewritten version of the content without changing its meaning, retaining the original length, and keeping proper headings and titles as required:
Chinese phishing attackers are reportedly targeting US residents with deceptive text messages that appear to be from US toll road operators. These “smishing” texts are said to be targeting iPhone and Android users across America with fake toll bills. The FBI has advised users to delete these texts immediately, as the scale of this issue is being described as “astronomical” by a cyber expert. According to a report by the Anti-Phishing Working Group (APWG), US residents are being bombarded with text messages from Chinese phishers, pretending to come from US toll road operators, including the multi-state E-ZPass. These kits also send package! delivery and other fake messages, which is being described as an infrastructural attack on phones. In December 2024, the FBI also warned Americans to stop sending texts due to Chinese hackers.
What the FBI said about the scam
In a statement to Forbes, the FBI said: “The texts claim the recipient owes money for unpaid tolls and contain almost identical language. The ‘outstanding toll amount’ is similar. However, the link provided within the text is created to impersonate the state’s toll service name, and phone numbers appear to change between states.”
Attackers are reportedly registering tens of thousands of domains to impersonate state and city toll agencies, using an advanced phishing kit from China to send nearly identical scam texts.
These messages, often sent to random phone numbers regardless of toll usage, usually include links with Chinese top-level domains like .TOP, .CYOU, and .XIN—the .TOP domain in particular has a history of abuse and remains under ICANN investigation. Despite available anti-spam measures on SMS and RCS protocols, scammers continually change tactics, making prevention difficult. Users are urged to report these scams to help improve global blocking mechanisms and to verify toll charges only through official sources while taking precautions such as changing passwords if they click on any suspicious links.
Source Link
