Delete Any Message On Your Smartphone If You See This Word
This word means danger — every time.
getty
American smartphone users are under attack from billions of malicious text messages courtesy of organized criminal gangs in China. Whether unpaid tolls, undelivered packages or DMV motoring offenses, the theme is the same. An urgent threat with a payment link that directs to a fake website which steals your financial details.
Proofpoint warns that “there was a 2,534% increase” in such threats last year, and nothing has changed since. Guardio has just detected “a new wave of DMV scam texts hitting the U.S. In just the past week, its team has spotted a 56.8% rise in DMV scam texts, with August 11 marking the peak so far.”
While it’s easy to avoid these malicious texts if you know to beware a particular lure. Unpaid tolls and DMV offenses have generated a tidal wave of publicity, and most Americans will have seen at least some of this by now. But these lures can be easily changed. The one thing that doesn’t change, though, is the use of a malicious link.
Sometimes that’s enough to raise a red flag. While there are clever ruses, where attackers design URLs that use dashes to form a “[.TEXT]-COM” which might trick a cursory glance into thinking it’s a genuine .COM address. But usually it’s much easier to quickly detect the issue and determine the text is a malicious fake (1,2,3).
How to spot the .XIN domain.
Resecurity / Trace Security / ThreatStop
In the most recent “Ranking of TLDs by Phishing Domains,” from May through July this year, the top level domain (TLD) that stands out more than any other is .XIN. And URLs under that TLD are a driving force behind many of these attacks. It’s not the most popular TLD, but it’s the one that’s almost guaranteed to be a scam. Every single time.
Almost 22,000 of the near 50,000 .XIN top level domains are “phishing domains.” That compares to just 35,000/1,350,000 for .VIP or 115,000/4,500,000 for .TOP, two other phishers’ favorites. Nothing comes close to .XIN when it comes to its relative threat. That’s why this TLD tops the phishing domain score with 4421 versus 16 for .COM.
.XIN is a Chinese domain operated out of Hong Kong. The word means “new” and claims to be aimed at Chinese tech innovators. Instead it’s the most obviously and openly dangerous TLD in the world. If you see .XIN in any link in an email, social media post or especially a text, delete the message right away — certainly never click it.
“For many of us,” Proofpoint says, “our smartphone contains the keys to both our personal and professional lives. Unsurprisingly, cybercriminals have recognized this is a two-for-one opportunity and increased their targeting of mobile devices. When it comes to attacking users across multiple devices, URL-based threats are the perfect tool.”