Smishing Triad linked to over 194,000 malicious domains in a global phishing scheme since January 2024, targeting various services. The group, based in China, scams users with fake notifications, generating over $1 billion in three years. Their infrastructure uses U.S. cloud services, registering many disposable domains to evade detection. These campaigns increasingly target brokerage accounts, manipulating stock prices under the “phishing-as-a-service” model, employing a network of developers and spammers.
https://thehackernews.com/2025/10/smishing-triad-linked-to-194000.html

