Threat Report: Smishing Triad
Smishing Triad is a coordinated, large-scale phishing operation leveraging mobile messaging (SMS) to impersonate trusted financial and shipping brands. First observed in 2023, it has rapidly evolved into an industrialized ecosystem of phishing kits developed and distributed by Chinese actors — now active in over 121 countries, with a sharp increase in attacks across the APJ region.
The campaign is targeting some of the world’s biggest brands, including HSBC, PayPal, Mastercard, Bank of America, Chase, and more.
- Learn about Smishing Triad’s key targets in the financial services sector
- Discover the global campaign’s infrastructure and attack methods
- Access actionable mitigation strategies and techniques, including a sample list of Indicators of Future Attack™
This isn’t just another phishing report. It’s a look into the next generation of threat infrastructure targeting financial services — one your security team needs to understand now.
The Silent Push Difference
Silent Push provides preemptive cyber intelligence that exposes threat actor infrastructure as it’s being set up, and shared as Indicators of Future Attack (IOFA), allowing organizations to proactively block attacks.
