The Latest Scams & Threat Intelligence

Current Threat Vectors & Trends

Our active telemetry dashboard constantly processes incoming screenshots to identify the newest patterns. Recently, we have observed a massive surge in hyper-localized SMS scams (often referred to as 'smishing'). Unlike broad email spam campaigns, these modern attacks utilize compromised carrier networks to blast thousands of messages targeted by area code.

The latest scams often perfectly spoof Caller IDs to make the text appear to originate from an official corporate short-code. They exploit urgent societal narratives—from fake toll road violations to urgent utility bill cutoff notices (like Hydro One or Toronto Hydro).

How Attackers Evade Detection

The reason the latest scams are so dangerous is due to their disposable infrastructure. Attackers no longer register a single domain and use it for months. Instead, they utilize automated scripts to generate thousands of unique, slightly modified proxy URLs (e.g., suspicous-update-portal-8821.com).

These domains stay active for only hours—just long enough to intercept a wave of clicks before burning out. By the time traditional antivirus engines blacklist the URL, the scammers have already moved on. This is why immediate, crowd-sourced scam reporting is the only viable defense mechanism.

Protecting Your Digital Identity

To stay ahead of the latest scams, you must adopt a zero-trust approach to unsolicited communications. Never click links provided in SMS messages, regardless of how legitimate the sender name appears. Always navigate to the official website manually. Furthermore, enabling Hardware-based Two-Factor Authentication (like YubiKey) instead of SMS-based 2FA drastically reduces the risk of successful phishing attacks.