Over the past year, a massive wave of fake text messages has been circulating in the US (and internationally), pretending to be about unpaid tolls, missed package deliveries, or government programs. You click the link, enter your card details thinking you’re paying a small fee, and—bam—the scammers have your info. Some people have ended up losing thousands of dollars.

Security researchers from Mnemonic, working with Norwegian reporters, investigated the matter and discovered a scam software called Magic Cat, operated by a 24-year-old Chinese national who went by “Darcula.” This individual was selling the tool to hundreds of clients, enabling them to run their SMS phishing campaigns. After they got exposed, Darcula vanished… but the scam didn’t.

Instead, a new group emerged, calling itself Magic Mouse. And apparently, they’re running things on an even bigger scale—stealing something like 650,000 credit card numbers every month. They’ve been spotted on Telegram showing off videos of dozens of phones blasting out mass scam texts and photos of payment terminals ready to use stolen card data.

They take the card numbers, load them into mobile wallets, make fraudulent payments, and then launder the money through various accounts. A significant portion of their success stems from using the same phishing kits as Magic Cat—sites that closely resemble prominent tech companies, delivery services, or other trusted brands.

The frustrating part? Law enforcement appears to focus primarily on individual fraud cases rather than attempting to shut down the operation as a whole. Meanwhile, security experts say that tech companies and banks need to take more serious measures to prevent stolen cards from being used so easily.

For now, the best advice remains the boring but true one: if you receive an unsolicited text asking you to click a link or pay for something, ignore it. These scams are evolving rapidly, and the safest course of action is not to engage at all.

If anyone’s seen a spike in these kinds of texts lately, it would be interesting to hear what kinds of “stories” they’re using now.