Chinese criminal groups have turned the distribution of fraudulent SMS messages in the United States into a profitable business worth more than $1 billion over the past three years, the WSJ reports, citing a report by the Department of Homeland Security. These are so-called “text scams” with messages about allegedly overdue tolls or debts to the postal service. The goal is to force victims to enter bank card details on phishing sites.
The information obtained is used by fraudsters to purchase iPhones, clothing, cosmetics, or gift certificates. They often transfer cards to Google and Apple Wallet digital wallets in Asia, then share them with executors in the United States. This allows purchases to be made without re-authentication, as if the owner himself approved the transactions.
The distribution is done through SIM farms—rooms filled with hundreds of SIM cards that allow one person to send as many messages as a thousand regular numbers. At least 38 such farms have been discovered in the US, in cities like Houston, Los Angeles, Phoenix, and Miami. They are set up by local workers hired through WeChat, who receive technical instructions and support.
According to Proofpoint, Americans received a record 330,000 fraudulent SMS messages in just one day last month. The average monthly volume of such messages is three times higher than at the beginning of 2024.
Phishing sites created through Telegram tools allow fraudsters to monitor in real time what the victim is typing. The key point is to obtain a one-time banking password, thanks to which the attackers can add the card to their digital wallet.
The criminals then recruit 400-500 “mules” every day—Americans who shop with the stolen money. Their compensation is meager: about 12 cents for every $100 spent. The goods are then shipped to China and sold on the local market.
The scheme continues to gain momentum, and US authorities recognize it as one of the most sophisticated forms of digital fraud that directly fuels Chinese organized crime.
Read also: North Korean hackers ran a US ‘laptop farm’ from a woman’s home in Arizona
North Korean hackers stole over $2 billion in cryptocurrency in 2025
All rights reserved. A hyperlink to the original source is mandatory when using Mezha materials.
Materials marked as PROMOTED and PARTNER NEWS are advertisements and are published as paid content. The editorial team may not share the views promoted in them.
Materials marked as SPECIAL PROJECT and SUPPORTED BY are also advertisements; however, the editorial team participates in preparing this content and shares the opinions expressed in these materials.
Materials marked as REVIEW may contain advertising information.
Photo partner: Depositphotos.
Online media entity; media identifier – R40-04705.
ТОВ “УП Медіа Плюс”
Адреса: 01032, м. Київ, вул. Жилянська, 48, 50А
Телефон: +380 95 641 22 07

source