Skip to main content
Live Webinar with SANS (June 25)— Agentic CTI Automation for Fun & ProfitRegister Free
Mallory
Back to threat actors

chinese_smishing_syndicates

Also known aschinese_smishing_syndicates

Chinese smishing syndicates are Chinese cybercrime groups conducting large-scale SMS phishing campaigns targeting U.S. users. Reported lures include fake text messages about package deliveries and toll road payments. According to the provided content, these campaigns generated over $1 billion over the last three years, citing the U.S. Department of Homeland Security and Wall Street Journal reporting. Proofpoint observed 330,000 toll scam messages sent in a single day in the U.S. The content identifies them as cybercrime groups; no specific sub-groups or additional aliases beyond "chinese_smishing_syndicates" are provided.

Share:
Are they targeting you?

Know when an actor pivots toward your sector

Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.

Start free trial
ACTIVITY FEED

Recent activity

1 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

1 SOURCESView more in app
What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: sector and geo overlap with your footprint, the IOCs they’re burning right now, detection coverage, and what to do next.
Start free trial
Target overlap

Match sector + geo + tech-stack targeting against your real footprint.

Tradecraft mapping

Every observed MITRE ATT&CK technique, grouped by tactic.

Malware arsenal

Families this actor is known to deploy, with IOCs and behavior.

Exploited CVEs

CVEs this actor has used in known campaigns.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Observables

Domains, IPs, and hashes tied to this actor, refreshed continuously.