21ьз╕ C

APWG Q4 Report: Phishing Trends Upward and Toll Road Scams Flood Phones

News Provided by ACCESS Newswire2025-03-20

Chinese Phishing Kits and Cheap Domain Names Fuel Toll-Road Billing Scams

CAMBRIDGE, MASSACHUSETTS / ACCESS Newswire / March 20, 2025 /The APWG 's new Phishing Activity Trends Report reveals that residents of the United States are being bombarded with text messages from Chinese phishers, purporting to come from U.S. toll road operators, including the multi-state EZPass system. Leveraging new phishing kits and the .TOP gTLD, Chinese phishers are flooding smartphones with SMS-b

Leveraging new phishing kits and the .TOP gTLD, Chinese phishers are flooding smartphones with SMS-b
Leveraging new phishing kits and the .TOP gTLD, Chinese phishers are flooding smartphones with SMS-based phishing messages

The text messages warn recipients that they face fines or loss of their driving license if they don 't pay their tolls online. Researchers have found that this phishing is enabled by an upgraded phishing kit sold in China, which makes it simple to launch text messages and phishing sites that spoof toll road operators in multiple U.S. states.

APWG Senior Research Fellow Greg Aaron notes: "The phishers set up these phishing sites using cheap domain names they register in lesser-known top-level domains such as .TOP, .CYOU, and .XIN. This is one way to spot these scam messages. And remember, the real toll operators never ask customers to click a link to pay for tolls."

APWG recommends sending copies of malicious SMS or text messages to APWG 's global eCrime eXchange (eCX). Report (and then delete) the suspicious text messages to update blocking systems that protect users. Users can upload scam messages here: https://apwg.org/sms

Phishing trended upward in the fourth quarter of 2024, with 989,123 phishing attacks observed, up from 877,536 in Q2 and 932,923 in Q3. OpSec Security found that the SAAS/Webmail category was the most-attacked sector, with social media sites close behind.

Phishing against the Financial Institution (banking) segment continued to fall, and 11.9 percent of all attacks, in Q4 2024, down from 24.9 percent of all attacks in Q3 2023.

Business e-mail compromise (BEC) attacks remained a menace. Fortra examined thousands of BEC attacks in 4Q 2024. Fortra found that the average amount requested in wire transfer BEC attacks in Q4 2024 was $128,980, nearly double the third quarter 's average of $67,145. The total number of wire transfer BEC attacks in Q4 decreased by 21 percent compared to the third quarter.

Matthew Harris, Senior Product Manager, Fraud at OpSec Security, remains concerned about vishing. Harris said: "OpSec has recently deployed new detection mechanisms, and we expect these to bring in additional detections in the future, especially fraud being communicated via SMS messages. We are continuing to see scammers branching out to attack new companies and industries, such as public utilities, car parking meter systems, and bridge toll collection systems."

The full text of the report is available here:

https://docs.apwg.org/reports/apwg_trends_report_q4_2024.pdf

About the APWG

Founded in 2003, the Anti-Phishing Working Group (APWG) is the global coalition focused on unifying the global response to electronic crime.

Contacts

For media inquiries related to the APWG, please contact APWG Secretary General Peter Cassidy (pcassidy@apwg.org, +1.617.669.1123). Or for company-specific content related to this release, please contact: Stefanie Wood Ellis of OpSec Security (sellis@opsecsecurityonline.com); Rachel Woodford of Fortra (Rachel.Woodford@fortra.com).

Contact Information

Peter Cassidy
Secretary General
pcassidy@apwg.org
617-669-1123