https://krebsonsecurity.com/2025/12/sms-phishers-pivot-to-points-taxes-fake-retailers
China-based phishing groups, known for relentless scam SMS messages about wayward packages or unpaid toll fees, have now set their sights on a new target: the holiday shopping season. These cybercriminals are promoting phishing kits that enable the mass creation of fake but convincing e-commerce websites, designed to steal customers’ payment card data and convert it into mobile wallets from Apple and Google.
Experts have observed these phishing groups employing a variety of lures, including promises of unclaimed tax refunds and the opportunity to claim thousands of mobile rewards points from telecom providers like T-Mobile and AT&T. The scam websites, which only load on mobile devices, ask victims to provide their personal information and payment card data under the guise of claiming these rewards or refunds. Once the victim’s card details are obtained, the criminals attempt to enroll them in a mobile wallet that they control.
These fake e-commerce sites can be particularly difficult to detect and shut down, as they do not engage in widespread spamming tactics that would draw attention. Instead, they are often advertised on search engines and social media, preying on consumers searching for holiday deals. While many SMS phishing domains are quickly flagged as malicious, these more targeted e-commerce scams can remain active for months, leaving unsuspecting shoppers vulnerable to fraud. Consumers are advised to be vigilant, shop only at trusted online retailers, and report any suspicious SMS phishing messages to help combat this surge of holiday-themed cybercrime.