"Since 2023, the Chinese cybercrime economy - specifically phishing websites - have seen their illicit business boom. These are the financial fraudsters that target victims via text-message phishes with lures like "your package is missing," or "you have a toll violation." Increasingly, they use iMessage and RCS instead SMS to send text messages, which means the texts can bypass SMS firewalls."
"These phishing kits make it especially easy for financial fraudsters to send phishing lures in bulk, tailored to victims' specific languages and regional brands. In research shared exclusively with The Register, threat hunters at SpyCloud and urlscan dove deep into one of these phishing-as-a-service panels. It's called YYlaiyu - which roughly translates to erotic fantasizing about catching fish - and earlier this year, the DIY phishing service began offering bespoke brand templates to its subscribers."
A Chinese-developed phishing-as-a-service panel named YYlaiyu has been active since at least September 2024, hosted on thousands of domains and offering 97 brand templates. The kit enables mass distribution of localized text-message phishes via SMS, iMessage and RCS, allowing messages to bypass SMS firewalls. It provides bespoke templates impersonating shipping firms (DHL, FedEx), cryptocurrency and trading platforms (Coinbase, Tiger Brokers, Futu NiuNiu), streaming and delivery apps (TikTok, Keeta), airlines (All Nippon Airways, Quantas), and investment firms (Fidelity, Schwab). The service lowers technical barriers for fraudsters, expanding global financial fraud campaigns.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]