Just a sample of the Echomail archive
Cooperative anarchy at its finest, still active today. Darkrealms is the Zone 1 Hub.
|    CONSPRCY    |    How big is your tinfoil hat?    |    2,445 messages    |
[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]
|    Message 756 of 2,445    |
|    Mike Powell to All    |
|    Massive SMS scam sweeping    |
|    15 Mar 25 09:09:00    |
      TZUTC: -0500       MSGID: 471.consprcy@1:2320/105 2c3ac230       PID: Synchronet 3.20a-Linux master/acc19483f Apr 26 202 GCC 12.2.0       TID: SBBSecho 3.20-Linux master/acc19483f Apr 26 2024 23:04 GCC 12.2.0       BBSID: CAPCITY2       CHRS: ASCII 1       A massive SMS toll fee scam is sweeping the US heres how to stay safe,       according to the FBI              Date:       Sat, 15 Mar 2025 10:45:00 +0000              Description:       A widespread SMS scam is targeting thousands of smartphone users in the US       here's how to stay safe.              FULL STORY       ======================================================================        - US smishing scam claims that unpaid toll service fees are due        - SMS messages include a bogus link to make an online payment        - Cybercriminals are using more than 10,000 domains to trick recipients              A widespread SMS scam is targeting thousands of smartphone users in the US.       Fraudsters are sending bogus texts demanding payment for unpaid road tolls.       Their goal isnt just to swindle innocent recipients out of their money, but       also their personal and financial information.               Reports of the smishing scam first surfaced last year. In April 2024, the        FBIs Internet Crime Complaint Center (IC3) issued a notice about fake toll       service text messages , after receiving more than 2,000 complaints from US       citizens.               Since then, the scale of the scheme appears to have grown. Cities in several       US states have now issued warnings, including Boston , Denver and San       Francisco . McAfee has also highlighted cities most affected by the scheme:       the top three are Dallas, Atlanta and Los Angeles.              How the smishing scam works              Based on screenshots weve seen, text messages in the toll scam all appear to       follow a similar structure. Each SMS claims to be from a legitimate toll       service and states that there is an unpaid fee. It then instructs the       recipient to pay the outstanding toll within a set time period to avoid late       fees and a referral to the DMV. A URL is then provided, which directs uses to       a bogus payment page.               This page is designed to look convincingly like a legitimate toll service       payment website. It will often feature a logo, business name and street       address. It will also state the supposed time and date of the unpaid fee. A       threat actor leveraging the same naming pattern has registered 10K+ domains       for various #smishing scams. They pose as toll services for US states and       package delivery services. Root domain names start with "com-" as a way to       trick victims.              If you click the payment link, the website will then ask for payment       information. Sometimes it will also request sensitive personal information,       such as your driving license number. If you submit this information, youre       actually giving it to the fraudsters, exposing yourself to identity theft.               The scam uses the same tactics as most phishing scams , creating a sense of       urgency by demanding payment within a short time period. The threat of legal       action increases the likelihood of an emotional reaction , which could cause       users to overlook inconsistencies in the original SMS or linked payment page.               The scam uses the same tactics as most phishing scams, creating a sense of       urgency by demanding payment within a short time period.               Reports also suggest that there are variations of the scam. In some        instances, it appears that cybercriminals have varied the contents of the SMS       and payment page to target users in specific states. One screenshot weve seen       claims to be from the City of New York. For some recipients, this could make       the message more believable than a generic alert.               Recent intelligence from Palo Alto Networks Unit 42 reports that scammers        have registered more than 10,000 domain names. Each of these is designed to        be ambiguous enough that a casual glance might not reveal the deceit. Not        only do the new domains suggest that the scam is still ongoing, but certain       URLs indicate that it could be expanding to include fake messages from       delivery companies an increasingly common tactic .               Here are a few of the domains listed in the notice: dhl.com-new[.]xin       driveks.com-jds[.]xin ezdrive.com-2h98[.]xin        ezdrivema.com-citations-etc[.]xin ezdrivema.com-securetta[.]xin       e-zpassiag.com-courtfees[.]xin e-zpassny.com-ticketd[.]xin       fedex.com-fedexl[.]xin getipass.com-tickeuz[.]xin sunpass.com-ticketap[.]xin       thetollroads.com-fastrakeu[.]xin usps.com-tracking-helpsomg[.]xin              How to stay safe              As with any smishing or phishing scam, the best way to stay safe is to       practice caution. If you receive an unexpected SMS about unpaid toll fees,       theres a good chance its a scam. Pause before you act on any information in       the message and dont click on any links.               Pay attention to details in the message. Scam texts will often feature       grammatical errors or formatting inconsistencies, such as the placement of       punctation. A closer look at the URL will often reveal that its illegitimate,       too.               If in doubt, contact the genuine toll service in question. Never click the       link in the SMS. Instead, find the services real website or contact number       using a trusted search engine and reach out for clarification.               The scam is now so extensive that the US Federal Trade Commission has issued       advice to the same effect, as has the FBI. If you do discover a bogus or       suspicious SMS, the instructions of both agencies are the same: report and       delete the messages. You can do this on the IC3 website .              ======================================================================       Link to news story:       https://www.techradar.com/computing/cyber-security/a-massive-sms-toll-fee-scam       -is-sweeping-the-us-heres-how-to-stay-safe-according-to-the-fbi              $$       --- SBBSecho 3.20-Linux        * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)       SEEN-BY: 105/81 106/201 128/187 129/305 153/7715 154/110 218/700 226/30       SEEN-BY: 227/114 229/110 111 114 206 300 307 317 400 426 428 470 664       SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45       SEEN-BY: 460/58 712/848 902/26 2320/0 105 3634/12 5075/35       PATH: 2320/105 229/426           |
[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]
(c) 1994, bbs@darkrealms.ca