FBI Warns of Major Chinese Smishing Attack Targeting iPhone and Android Users

The FBI has issued a new warning to smartphone users across the United States, urging them to delete suspicious messages and stop responding to unsolicited texts. According to a cybersecurity report by Resecurity, Chinese cybercriminals are launching a massive "smishing" campaign that is compromising iPhone and Android users on a large scale.

Smishing — a form of phishing via SMS or messaging apps — is being used by a newly identified Chinese group, which has reportedly taken over Apple and Gmail accounts in bulk. The attackers are using iMessage and Google’s RCS (Rich Communication Services) instead of traditional SMS to create more convincing and deceptive messages.

Resecurity, the same company that previously uncovered the Chinese “Smishing Triad,” has now identified a new attack kit known as “Panda Shop.” Named after China’s national symbol, the "Panda Shop" is anything but friendly. It is being used to steal personal and financial data, including credit card details and digital wallet access from Apple Pay and Google Wallet users.

Unlike earlier scams involving fake tolls or missed parcel deliveries, this new wave of attacks is focused on financial theft and identity fraud. The attackers also intercept transactions and collect data that is later sold on underground markets.

These cybercriminals operate from China and are reportedly unafraid of U.S. law enforcement. According to Resecurity, they often communicate through Telegram and openly brag about being out of reach of international authorities.

The scale of the threat is alarming. Experts estimate that just one attacker could send up to 2 million smishing messages per day, potentially targeting over 60 million people a month. This could result in hundreds of millions of dollars in financial losses globally.

Cybersecurity expert Kern Smith from Zimperium says the situation highlights how mobile devices remain a top target for cybercriminals. Attack kits like Panda Shop are sold to multiple criminal groups, who then use templates to imitate local banks, telecom providers, and retailers.

If a victim falls for the scam, their credit card and identity information may be sold online, leading to further fraud and data theft.

Authorities continue to stress the importance of being cautious. Users are advised to:

• Assume all unexpected messages are scams.

• Never click on suspicious links.

• Use official apps or websites to access services.

• Delete all fraudulent messages immediately.

• Monitor bank accounts and change passwords if you suspect any breach.

The global smishing threat is growing, and stopping it remains difficult due to legal and geopolitical barriers. Cyber experts warn that the best defense is awareness and cautious digital behavior.