China-based phishing groups are ramping up their activities, targeting U.S. consumers with new scams just as the holiday shopping season begins. They’re using SMS messages that promise unclaimed tax refunds or rewards points from companies like T-Mobile and AT&T to lure victims. These messages link to fake e-commerce sites that collect personal and payment information. Thousands of fraudulent domains have been registered recently, and they’re primarily promoted via iMessage or RCS messaging. Once a victim enters their payment information, the site prompts them for a one-time code sent by their bank, which the fraudsters then exploit to enroll the victim's card in a mobile wallet. These phishing sites often go unnoticed because they don’t spam mass messages, making them harder to identify and shut down. Security expert Ford Merrill notes that while these tactics have been common in other regions, they are now increasingly targeting American consumers. Phishing schemes spike during the holiday season when shoppers are more distracted and may overlook red flags. Experts recommend being cautious when shopping online, especially with unfamiliar sites. Conducting a WHOIS search can help determine the legitimacy of a domain. It’s also essential to directly visit merchants’ websites for order issues rather than clicking on links in suspicious messages. Keeping a close eye on monthly bank statements is vital, as fraudsters often exploit the holiday rush to mask unauthorized transactions.